VIRY.CZ

Dobrý den, níže přikládám výpis z logu RSIT. Mám problémy se zpomalováním pc a v současně v prohlížeči CHROME mě vyskakují okna a reklamy od společnosti AKAMAIHD.
Zde je log RSIT

------------------------------------------------------------------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kamila at 2014-07-09 10:10:36
Microsoft Windows 8.1
System drive C: has 419 GB (91%) free of 460 GB
Total RAM: 3979 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:10:50, on 9. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kamila.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0048292 - {11111111-1111-1111-1111-110411821192} - C:\Program Files (x86)\Sense\Sense-bho.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-18\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series" (User 'Default user')
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem59.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: lmab_device - - C:\Windows\system32\LMabcoms.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13624 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
dashost.exe {8bbe872a-ae36-4a83-92e52606bfd5dfe0}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\LMabcoms.exe -service
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\vcsFPService.exe

C:\Windows\system32\EscSvc64.exe
C:\WINDOWS\SysWOW64\svchost.exe -k MbnExt
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b4ce520-074d-48d5-80b4-8e2c94480315 -SystemEventPortName:HostProcess-b9cfa17f-3b3d-4b91-95b4-ef6128b5d323 -IoCancelEventPortName:HostProcess-39303c2e-1507-4772-b369-422ca2f829e6 -NonStateChangingEventPortName:HostProcess-54ac87ec-8ebb-46d1-a1c2-30ffc8000b20 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:87230f87-a645-448e-a51a-32e53030d6ff -DeviceGroupId:

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9edce2c8-7566-49ec-8886-b1556bc66aff -SystemEventPortName:HostProcess-1fa495ce-8fba-4137-b7d3-6753aba2fc34 -IoCancelEventPortName:HostProcess-cacc916a-d66e-481c-95f7-e99b5fa720d0 -NonStateChangingEventPortName:HostProcess-4f23c4f1-47b6-404f-9ce3-4d4690ef050b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d753f0e4-cded-4576-afb9-3bf108e6501c -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {40170093-1859-49C1-B297-FF0595B1FD01}
C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3
C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Sense\Sense-nova.exe" /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /XwkgZpB=http://js.demogensrv.com /mAHikT=ch /VyqoDMi /pjbTgehYw=Sense /GwamWkgE='nova' /eJPVqQJEd=http://js.clientdemocloud.com /nzJPxyFiY='{"asw":[0, 257, 0]}' /LgXrNxBX='http://update.demogensrv.com/novarun/{C ... pdate.json' /IZSOsP='task' /EIAIMMIR=''
taskhostex.exe
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE" /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5472.0.1431068062\1031262232" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.3.1161434747\553539680" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.6.52287791\873639800" /prefetch:673131151
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.39.1390266360\1531727702" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5472.53.1850614903\361600813" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.56.704483580\1446338899" /prefetch:673131151
taskhostex.exe Regular
C:\WINDOWS\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\msfeedssync.exe sync
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.65.665456147\1298063327" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.68.833611636\394291064" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.77.967197320\238050245" /prefetch:673131151

C:\WINDOWS\System32\sdclt.exe /CONFIGNOTIFICATION
taskeng.exe {E615713C-C702-4FCD-A052-F9340D48898E}
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5472.99.834072825\574905116" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe31_ Global\UsGthrCtrlFltPipeMssGthrPipe31 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 592 596 604 65536 600
"C:\Users\Kamila\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-1.job - C:\Program Files (x86)\Sense\Sense-codedownloader.exe# /iNlXQ /IZSOsP=task /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /XwkgZpB=http://js.demogensrv.com /mAHikT=ch /pjbTgehYw='Sense' /eJPVqQJEd=http://js.clientdemocloud.com /ZmxvjFWYH /nzJPxyFiY='{"asw":[0, 257, 0]}' /LgXrNxBX='http://update.demogensrv.com/ie_code_ag ... pdate.json' /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-11.job - C:\Program Files (x86)\Sense\4b2c416e-f468-4649-a776-70905f3ac508-11.exe# /YFEwml=uCMuz7NFGewpxOo9LAJjPgllJzjMJ0YofnEM0mWZZ7PGuarqdh9dEh5jutqvQUH/+qtZd1ZT9MysBvhU+aVuzV4JIcElWR6j5pLJR5k8KKiBkobTwGEGnR9eurXichwlOC52KbQOgX1hgq3kIF7PpBGt7tncxzD/HPX+9+Edn9eS3IjxIbKxdquNTcFTvWUtkSFhVWFNRr/fGZ62aYQPMM/vETQpApa7kysezs6JW/PN58m/ALLsZOgm/fS5IoocpLtZCTaDuBHJM3Ci2g/9U5Vfd7Bz501SGMVI9qjxTP+46Xzjwctv+kKNVgq069IpACV8gcorjBbRYUroOsTjUSxP8RIHx1E72FhopTM71POWYGyFvHjyYAGwKhRLULeXFfsLNEWuKId6wz8glo8A+FOhPaCp6evSksTfFUbwaGrZTrvSIA8VDrQQP2hAeFdapXzUdPE3P0D7bSLTt93uB6NiqCvyR5RA+dUA+ktScmtEVTEmOAphif+VlRrSmPcbj5QPt8rHd+yMoWC+XvCT/AZNj1STx1nR70UswqJ1chyhBshYpBqNudl0rsTa36e4eaOdnV8nqYgJBJdffd5JDfp2ncQeiY5ii+FbwI7OY+y9KwaJuaRI7BkAzggO6uHkCjPmkh2mlI3A40lV/opVD2ictVEwcgYHqsgTVOhzhs1BovvB5wrI70zxBny+BnMEZhwRrXBLO+9qR97zNtwtbnUi+gTINDjedjCG5YLWACsrotryzrgZ3ebEjSW9Lx4e7kzP2lHp3CTjIgcpKsXqefzwzwVS6oM1OqIGN8AuUIp+xk3a812Lo3rMBM+DLI1kPAbHdtHQvtxa+xgyd53XRFiolfpNshbGOotizCeOqSCRBppiYE+dM0/HSx8G99DJuyET30krP8uP6HPNWq5fcSdSg2/xUYpvjLknpcjd8cq/AMTVusFj8MTrDb1C5QQuff62Wdz3M9wlrohATnbWBp6jBdoX2hC1tTOPkWztTit/bY50vD3MINIme5OD4hr3f/jVc0ntYnecAMJyYLodJujrLlhuCUUWR7LoW0vq6GfNdNBOmbOEy3+GshT1LXAneKyD6nww/veABfIHbRurvg4IEv4JgMWLXtOow+BXvYOglymzON2+JS95UOSeG4N1g+wXhRLElVexbVMxFJ2rP35+D9SpzCLerF89WaUezSWFrfvpx4iy7A6yKdhvY6kV0wrXVNqhRtx/ogUKbODJC1Kw1Vi0PITHgvh91FD2fx6caMkjSVd37qa9jVEEQSqTahA6tzXpvRg7yQrDbZaU+Kp4q2sgYZtQLO+OcT0g7MqM32bA0riK0UILi12LAI9ONX9mk1RVmJkj0w+GBaeLp2jkkHZm4JO/sqj0nwCaRMi39CCO4ztVya3bD2O3hhDpR7aAW1WiFG1cPAKMxo8RdI8Rw+Qkb7ZaUVGY1mBHK/k9cQWBNINjMpO9RBCcTyKKedgaiy8Fcu3kzd0hdq8Q9l/Z1bOfQs9OoLnkeliSnHLqXalh20hcUyxfvQpnS0Xkv7Tj8NscSXcmdyf1bkpB3ksA6bgKWTImR3FZXPn1FPhPpIEW6zTLqJD02Cz2gr1TkSlY/vOn1NtVMx9LxXlVHhqVAuW52jy4UNlmqTSiCwv0gm28Xu3rc2UVrW3OS0eL5WNGStYQ2+E1nhM5IxuGYFWJv36NKwMVbZvb+bzU2uxV4LP97cJpHvP8PBVpIt1DukCV3nOzcUIZCefvNjnvuDqGCu1aCGcRBGm0IGspeFJsn7KBs0yDJSEFQF3kKulAItsEqmxcFMuxqpSidBRT+rK9iHlNV5wTSVXC8FzE1F9sEvw8Tob6eCUj2LiTCs6htaRzw2QsOrr4P+QPY9wZjw==#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-2.job - C:\Program Files (x86)\Sense\4b2c416e-f468-4649-a776-70905f3ac508-2.exe# /RSGlzJJ /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /mrSPztd=11111111-1111-1111-1111-110411821192 /mAHikT=ch /ZmxvjFWYH /LgXrNxBX='http://update.demogensrv.com/ie_enable_ ... pdate.json' /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-4.job - C:\Program Files (x86)\Sense\4b2c416e-f468-4649-a776-70905f3ac508-4.exe# /lhmWTQtHR /QKznSGga='Sense' /GCypiblgD='C:\Program Files (x86)\Sense\48292.xpi' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /UOEXBoMoc=300 /Ogmvo=143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com /XhHWnQGUk=0.94 /WifGDThA=a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 /RqQkQc=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /48292.rdf /kpdUhhFgO='Sense' /eyzOJ='.' /YZyHu='Object Browser' /mAHikT=ch /nzJPxyFiY='{"asw":[0, 257, 0]}' /ZmxvjFWYH /lQpUGoTHm /RUyzNYJ /LgXrNxBX='http://update.demogensrv.com/ff_agent_u ... pdate.json' /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-5.job - C:\Program Files (x86)\Sense\4b2c416e-f468-4649-a776-70905f3ac508-5.exe# /DplMAPRMI /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /ZkhxjVpda=http://ipgeoapi.com/ /wGlHrCD=http://update.demogensrv.com /kbOtJ=2 /COnYWTE=http://logs.demogensrv.com /LgXrNxBX='http://update.demogensrv.com/updater_ag ... pdate.json' /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-5_user.job - C:\Program Files (x86)\Sense\4b2c416e-f468-4649-a776-70905f3ac508-5.exe# /DplMAPRMI /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /ZkhxjVpda=http://ipgeoapi.com/ /wGlHrCD=http://update.demogensrv.com /kbOtJ=2 /COnYWTE=http://logs.demogensrv.com /LgXrNxBX='http://update.demogensrv.com/updater_ag ... pdate.json' /zkLRd /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-6.job - C:\Program Files (x86)\Sense\Sense-novainstaller.exe# /bepdIGamD /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /XwkgZpB=http://js.demogensrv.com /mAHikT=ch /VyqoDMi /pjbTgehYw=Sense /GwamWkgE='nova' /eJPVqQJEd=http://js.clientdemocloud.com /nzJPxyFiY='{"asw":[0, 257, 0]}' /IZSOsP=task /LgXrNxBX='http://update.demogensrv.com/novacode/{ ... pdate.json' /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\4b2c416e-f468-4649-a776-70905f3ac508-7.job - C:\Program Files (x86)\Sense\Sense-nova.exe# /QKznSGga='Sense' /bVBjfdNQ=48292 /kQSbsKe='000803' /gzMygfn='0' /LKiWVdB='eyJkYXRhIjp7ImRhdGUiOiJFNzR6YWRrYywwNGU4ZjI2Yi0xMTYxLTQ0MDQtYjBiNC1kNjM0Y2NlZGE4YWIsIiwidW5xIjoiMDRlOGYyNmItMTE2MS00NDA0LWIwYjQtZDYzNGNjZWRhOGFiIn19' /LgRGCP=2463E5F5D1304B9AB8061A3FE045D2E8IE /axcjFnQ=f1ad30abe208f47df40ffb3ce44b0a79 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404479060 /RnpoOm=http://stats.demogensrv.com /nevRquvFu=http://errors.demogensrv.com /XwkgZpB=http://js.demogensrv.com /mAHikT=ch /VyqoDMi /pjbTgehYw=Sense /GwamWkgE='nova' /eJPVqQJEd=http://js.clientdemocloud.com /nzJPxyFiY='{"asw":[0, 257, 0]}' /LgXrNxBX='http://update.demogensrv.com/novarun/{C ... pdate.json' /IZSOsP='task' /EIAIMMIR=''#
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\WINDOWS\tasks\HPCeeScheduleForKamila.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe# HPCeeScheduleForKamila (null)#

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
Sense - C:\Program Files (x86)\Sense\Sense-bho64.dll [2014-07-04 894976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro64.dll [2014-06-26 524136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
Sense - C:\Program Files (x86)\Sense\Sense-bho.dll [2014-07-04 655872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-06-26 435560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LMPSSDMON"=C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe [2010-09-16 753664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-02-26 1664000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-04-22 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [2012-02-28 283232]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe [2014-06-26 3211776]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2014-04-25 4566984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-07-17 684064]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe [2014-06-26 3211776]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-09 10:10:36 ----D---- C:\rsit
2014-07-09 10:10:36 ----D---- C:\Program Files\trend micro
2014-07-07 14:57:17 ----A---- C:\WINDOWS\wininit.ini
2014-07-07 13:57:49 ----A---- C:\WINDOWS\system32\sdnclean64.exe
2014-07-07 13:57:48 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-07-07 13:57:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-07 13:48:48 ----D---- C:\Program Files\CCleaner
2014-07-04 15:20:23 ----D---- C:\ProgramData\Norton
2014-07-04 15:20:20 ----D---- C:\ProgramData\NortonInstaller
2014-07-04 15:20:20 ----D---- C:\Program Files (x86)\NortonInstaller
2014-07-04 15:06:40 ----D---- C:\Program Files (x86)\7-Zip
2014-07-04 15:06:32 ----D---- C:\Users\Kamila\AppData\Roaming\JGArcadeApp
2014-07-04 15:04:31 ----D---- C:\Program Files (x86)\Sense
2014-07-04 15:04:30 ----D---- C:\Program Files (x86)\globalUpdate
2014-07-04 15:04:08 ----D---- C:\ProgramData\ShopperPro
2014-07-04 15:04:03 ----D---- C:\Program Files\Common Files\ShopperPro
2014-07-04 15:03:56 ----D---- C:\Program Files (x86)\ShopperPro
2014-06-11 09:01:04 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2014-06-11 07:12:44 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 07:12:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-06-11 07:12:42 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-06-11 07:12:41 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-06-11 07:12:41 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-06-11 07:12:39 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-06-11 07:12:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-06-11 07:12:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-06-11 07:12:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-06-11 07:12:37 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-06-11 07:12:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-06-11 07:12:36 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-06-11 07:12:36 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-06-11 07:12:34 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-06-11 07:12:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-06-11 07:12:33 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-06-11 07:12:33 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 07:12:32 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-06-11 07:12:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-06-11 07:12:30 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-06-11 07:12:29 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-06-11 07:12:28 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-06-11 07:12:27 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-06-11 07:12:26 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 07:12:26 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-06-11 07:12:25 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-06-11 07:12:25 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 07:12:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-06-11 07:12:23 ----A---- C:\WINDOWS\system32\wininet.dll
2014-06-11 07:12:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-06-11 07:12:19 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-06-11 07:12:19 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 07:12:15 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-06-11 07:12:15 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-06-11 07:12:12 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-06-11 07:12:11 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-06-11 07:12:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:12:11 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-06-11 07:12:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:11:53 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-06-11 07:11:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-06-11 07:11:51 ----A---- C:\WINDOWS\system32\twinui.dll
2014-06-11 07:11:50 ----A---- C:\WINDOWS\system32\shell32.dll
2014-06-11 07:11:48 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 07:11:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-06-11 07:11:45 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 07:11:44 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 07:11:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-06-11 07:11:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-06-11 07:11:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-06-11 07:11:40 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-06-11 07:11:40 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 07:11:39 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-06-11 07:11:39 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-06-11 07:11:39 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-06-11 07:11:38 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 07:11:38 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 07:11:38 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 07:11:38 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\system32\win32k.sys
2014-06-11 07:11:37 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-06-11 07:11:37 ----A---- C:\WINDOWS\system32\localspl.dll
2014-06-11 07:11:36 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2014-06-11 07:11:36 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-06-11 07:11:36 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-06-11 07:11:36 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 07:11:36 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-06-11 07:11:36 ----A---- C:\WINDOWS\system32\winmde.dll
2014-06-11 07:11:36 ----A---- C:\WINDOWS\system32\services.exe
2014-06-11 07:11:36 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-06-11 07:11:36 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-06-11 07:11:35 ----AC---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-06-11 07:11:35 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-06-11 07:11:35 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 07:11:34 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-06-11 07:11:34 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-06-11 07:11:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-06-11 07:11:34 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-06-11 07:11:34 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 07:11:34 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-06-11 07:11:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-06-11 07:11:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-06-11 07:11:33 ----AC---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-06-11 07:11:33 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\swprv.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\resutils.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-06-11 07:11:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-06-11 07:11:32 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-06-11 07:11:32 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-06-11 07:11:32 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\propsys.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\mf.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-06-11 07:11:32 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-06-11 07:11:31 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\srcore.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\mfps.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-06-11 07:11:31 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-06-11 07:11:30 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\mispace.dll
2014-06-11 07:11:30 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\srclient.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 07:11:29 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 07:11:28 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-06-11 07:11:28 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 07:10:45 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2014-06-11 07:10:45 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe
2014-06-11 07:10:45 ----A---- C:\WINDOWS\system32\FntCache.dll
2014-06-11 07:10:45 ----A---- C:\WINDOWS\system32\DWrite.dll
2014-06-11 07:10:45 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-06-11 07:10:45 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-06-11 07:10:43 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 07:10:43 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-06-11 07:10:43 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-06-11 07:10:42 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-06-11 07:10:42 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-06-11 07:10:41 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-06-11 07:08:17 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-06-11 07:07:22 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-06-11 07:07:22 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-06-11 07:07:17 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-06-11 07:07:17 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-06-11 07:07:17 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:07:17 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:07:17 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 07:07:17 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:07:16 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-06-11 07:07:16 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:07:16 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:07:14 ----A---- C:\WINDOWS\system32\msrating.dll

======List of files/folders modified in the last 1 month======

2014-07-09 10:10:36 ----RD---- C:\Program Files
2014-07-09 10:10:33 ----D---- C:\WINDOWS\Prefetch
2014-07-09 10:09:01 ----D---- C:\Users\Kamila\AppData\Roaming\Skype
2014-07-09 10:00:00 ----D---- C:\WINDOWS\system32\sru
2014-07-09 09:05:15 ----D---- C:\WINDOWS\Temp
2014-07-09 09:04:56 ----D---- C:\WINDOWS\system32\Tasks
2014-07-09 09:02:05 ----D---- C:\WINDOWS\Microsoft.NET
2014-07-09 08:10:08 ----D---- C:\WINDOWS\system32\FxsTmp
2014-07-09 07:45:50 ----D---- C:\ProgramData\PDFC
2014-07-09 07:30:10 ----D---- C:\WINDOWS\AppReadiness
2014-07-09 07:12:31 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2014-07-09 07:12:13 ----D---- C:\WINDOWS\system32\config
2014-07-09 07:09:29 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2014-07-09 07:09:26 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2014-07-08 10:52:43 ----SHD---- C:\System Volume Information
2014-07-08 09:54:08 ----HD---- C:\Program Files\WindowsApps
2014-07-08 09:42:30 ----A---- C:\WINDOWS\SYSWOW64\REMOTEDEVICE.INI
2014-07-08 07:49:53 ----D---- C:\WINDOWS\debug
2014-07-08 07:08:27 ----D---- C:\Windows
2014-07-08 07:08:22 ----D---- C:\WINDOWS\SoftwareDistribution
2014-07-07 15:39:22 ----RD---- C:\Program Files (x86)
2014-07-07 15:39:22 ----D---- C:\WINDOWS\Tasks
2014-07-07 15:39:02 ----SHD---- C:\WINDOWS\Installer
2014-07-07 15:39:01 ----SHD---- C:\Config.Msi
2014-07-07 15:37:02 ----D---- C:\WINDOWS\system32\drivers
2014-07-07 15:35:52 ----RD---- C:\WINDOWS\System32
2014-07-07 15:35:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-07 15:35:51 ----D---- C:\WINDOWS\Inf
2014-07-07 15:31:54 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-07-07 13:58:01 ----SD---- C:\ProgramData\Microsoft
2014-07-07 13:57:48 ----HD---- C:\ProgramData
2014-07-07 13:51:29 ----DC---- C:\WINDOWS\Panther
2014-07-07 13:51:29 ----D---- C:\WINDOWS\ModemLogs
2014-07-07 13:51:27 ----D---- C:\WINDOWS\Minidump
2014-07-04 15:33:02 ----D---- C:\Program Files (x86)\Common Files
2014-07-04 15:04:24 ----D---- C:\Program Files\Common Files\System
2014-07-04 15:04:03 ----D---- C:\Program Files\Common Files
2014-07-03 07:20:02 ----D---- C:\Users\Kamila\AppData\Roaming\XnView
2014-06-26 07:41:45 ----D---- C:\WINDOWS\CbsTemp
2014-06-26 07:41:42 ----D---- C:\WINDOWS\WinSxS
2014-06-12 09:09:07 ----D---- C:\WINDOWS\system32\DriverStore
2014-06-12 08:37:15 ----D---- C:\WINDOWS\system32\catroot2
2014-06-12 08:27:39 ----D---- C:\WINDOWS\rescache
2014-06-11 15:48:47 ----RD---- C:\WINDOWS\ToastData
2014-06-11 15:48:47 ----D---- C:\WINDOWS\WinStore
2014-06-11 15:48:47 ----D---- C:\WINDOWS\SysWOW64
2014-06-11 15:48:45 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-06-11 15:48:44 ----D---- C:\WINDOWS\system32\oobe
2014-06-11 15:48:44 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-06-11 15:48:43 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-06-11 15:48:43 ----D---- C:\WINDOWS\system32\wbem
2014-06-11 15:48:43 ----D---- C:\WINDOWS\system32\migration
2014-06-11 15:48:43 ----D---- C:\WINDOWS\system32\cs-CZ
2014-06-11 15:48:43 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-11 15:48:42 ----D---- C:\Program Files\Internet Explorer
2014-06-11 09:25:09 ----D---- C:\WINDOWS\system32\MRT
2014-06-11 09:23:08 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem59.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 SPDRIVER_1.37.1.189;SPDRIVER_1.37.1.189; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.sys [2014-06-26 52584]
R3 Accelerometer;@oem59.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 BtAudioBusSrv;@oem8.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 HpqKbFiltr;@oem66.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2012-08-27 26504]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2012-04-23 90112]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MEIx64;@oem64.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2014-02-26 62784]
R3 netr28x;@oem1.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 rtbth;@oem63.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2013-08-22 230912]
R3 SNP2UVC;@oem15.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2012-07-28 1862536]
R3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [2014-06-26 41856]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-02-26 543744]
R3 SynTP;@oem54.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 dg_ssudbus;@oem53.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]
S3 ssudmdm;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-15 1578496]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem59.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-22 33600]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-02-26 131032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-02-26 165336]
R2 lmab_device;lmab_device; C:\Windows\system32\LMabcoms.exe [2012-09-28 1048576]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-02-26 279000]
R2 MbnExt;Mobile Broadband Extension Service; C:\WINDOWS\syswow64\svchost.exe [2013-08-22 31552]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-07-17 1134624]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 SPBIUpd;ShopperPro Update; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2014-06-26 2346880]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-02-26 327680]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-02-26 366040]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-15 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-04 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-04 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------

Zdravim

Odinstalujte Spybota, program je zastaraly a v podstate k nicemu.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Márty84 píše:Zdravim

Odinstalujte Spybota, program je zastaraly a v podstate k nicemu.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Zdravím, tak tady to máte Nebo snad je to ono

# AdwCleaner v3.215 - Report created 09/07/2014 at 14:31:25
# Updated 09/07/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Kamila - IAG_NOTEBOOK_4
# Running from : C:\Users\Kamila\Downloads\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Sense
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Users\Kamila\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Public\Documents\ShopperPro
File Deleted : C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\WINDOWS\System32\Tasks\ShopperPro
File Deleted : C:\WINDOWS\System32\Tasks\ShopperProJSUpd
File Deleted : C:\WINDOWS\System32\Tasks\SMupdate1
File Deleted : C:\WINDOWS\System32\Tasks\SPDriver
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-1.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-1
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-11.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-11
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-2.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-2
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-4.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-4
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-5.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-5
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-5_user.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-5_user
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-6.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-6
File Deleted : C:\WINDOWS\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-7.job
File Deleted : C:\WINDOWS\System32\Tasks\4b2c416e-f468-4649-a776-70905f3ac508-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0048292.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444824492}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422822292}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455825592}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466826692}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6944 octets] - [09/07/2014 14:30:23]
AdwCleaner[S0].txt - [6047 octets] - [09/07/2014 14:31:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6107 octets] ##########

hanach.k píše:Nebo snad je to ono

Je to ono


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Hotovo MBAM...
__________________________


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10. 7. 2014
Scan Time: 8:09:09
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.09.13
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Kamila

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321540
Time Elapsed: 14 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [91f079242c4f2b0b01020ccd7f83b14f],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
PUP.Optional.OptimumInstaller.A, C:\Users\Kamila\Downloads\Setup.exe, , [bbc69c013b40a19553288ec6e0214ab6],
PUP.Optional.Ciuvo.A, C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, , [dea3fca1512a38fe382c536b53af0cf4],
PUP.Optional.Ciuvo.A, C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage-journal, , [1968c8d598e3e4528ed61f9fee149c64],
PUP.Optional.Superfish.A, C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [ee93534a7efda78f75edf2d307fb10f0],
PUP.Optional.Superfish.A, C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [631ed8c5661500361e44596cce34f808],

Physical Sectors: 0
(No malicious items detected)


(end)

Hotovo sice je, ale vy jste nenastavila ten sken tak, jak je v tom navodu, cili program nekontroloval komplet cele disky. Takze nalezy nechte odstranit a zopakujte test, tentokrat se spravnym nastavenim

Napiste vysledek a podle nej zvolim dalsi postup.

Márty84 píše:Hotovo sice je, ale vy jste nenastavila ten sken tak, jak je v tom navodu, cili program nekontroloval komplet cele disky. Takze nalezy nechte odstranit a zopakujte test, tentokrat se spravnym nastavenim

Napiste vysledek a podle nej zvolim dalsi postup.

Pokusím se. Akorát tam je to nějaký jiný a já jsem na tohle trubka. No jdu studovat

http://forum.viry.cz/viewtopic.php?f=29&t=137928

Musite dat "Vlastni sken" a tam zvolit vsechny disky

Márty84 píše:http://forum.viry.cz/viewtopic.php?f=29&t=137928

Musite dat "Vlastni sken" a tam zvolit vsechny disky

Tak, scan se mi udělal ale já byla mimo kancelář a pc se restartoval a nevím, kam se mi uložil ten log. Když to udělám znovu, tak už mi to nic nenajde... resp. nevím kde je ten původní. Jsem Vám říkala, že jsem tele

Ale nejste tele, v klidu Pokud uz nic nenachazi, nepotrebuju videt ten puvodni vysledek.

A to je firemni pocitac?

Dejte novy log z RSIT

ZDE: RSIT ale ještě to tam pár chyb hodilo jenže se mi to restartovalo dřív, než jsem stihla uložit log - má zbrklost, nejdřív jsem to měla uložit... A ano, je to služební pc... :/



Logfile of random's system information tool 1.10 (written by random/random)
Run by Kamila at 2014-07-11 09:53:35
Microsoft Windows 8.1
System drive C: has 417 GB (91%) free of 460 GB
Total RAM: 3979 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:53:39, on 11. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kamila.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKUS\S-1-5-18\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series" (User 'Default user')
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem59.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: lmab_device - - C:\Windows\system32\LMabcoms.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12349 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {97b17840-cc71-4379-bf54b54b4ce100f1}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\LMabcoms.exe -service
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\ShopperPro\spbiu.exe" /service
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\vcsFPService.exe

C:\Windows\system32\EscSvc64.exe
C:\WINDOWS\SysWOW64\svchost.exe -k MbnExt
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0f32e842-f48b-4215-b6f8-9fb267541b50 -SystemEventPortName:HostProcess-bcddb7c6-f2bb-4667-8f81-b500bfa97126 -IoCancelEventPortName:HostProcess-3c99f021-3430-4e51-bed1-7889400308bd -NonStateChangingEventPortName:HostProcess-e98a8c3b-b71e-48ba-9d2a-574786d0dce5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:208c4eab-b271-4900-9c52-83a24d8c1efe -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11e2c03b-8fe3-4626-b26e-577166071eb0 -SystemEventPortName:HostProcess-e5875c5d-66e9-4af0-8635-73579793bac7 -IoCancelEventPortName:HostProcess-d6642948-c0b8-44f8-aedc-e20dfe1ca66c -NonStateChangingEventPortName:HostProcess-642ed295-1729-4e52-95b5-cab04c930980 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e09b44b0-2471-434a-a1d9-2beb73929915 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\Explorer.EXE
wmiadap.exe /F /T /R
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\skydrive.exe -Embedding
taskeng.exe {C9465B9D-038E-4A26-95E1-B81F695FDD8E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
taskeng.exe {A5D43260-7C1C-4E48-82CB-B10042FF2DCA}
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4604.0.1499071022\130284222" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --instant-process --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4604.1.718028955\1286364776" /prefetch:673131151
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE" /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4604.3.1827506807\22567297" /prefetch:673131151
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4604.5.158228930\461707266" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe"
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_54/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="4604.6.1321808157\248523720" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4604.7.1522254646\542770602" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Kamila\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\WINDOWS\tasks\HPCeeScheduleForKamila.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe# HPCeeScheduleForKamila (null)#

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"LMPSSDMON"=C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe [2010-09-16 753664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-02-26 1664000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-04-22 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [2012-02-28 283232]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe []
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-07-17 684064]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"SPDriver"=C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe []
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-10 08:31:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-07-10 08:28:13 ----SD---- C:\WINDOWS\system32\CompatTel
2014-07-10 08:07:59 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-07-10 08:06:52 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-07-10 08:06:51 ----D---- C:\ProgramData\Malwarebytes
2014-07-10 08:06:51 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-10 08:06:51 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-07-10 08:06:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-07-10 08:03:17 ----A---- C:\WINDOWS\system32\termsrv.dll
2014-07-10 07:21:41 ----A---- C:\WINDOWS\system32\win32k.sys
2014-07-10 07:21:40 ----A---- C:\WINDOWS\SYSWOW64\osk.exe
2014-07-10 07:21:40 ----A---- C:\WINDOWS\system32\osk.exe
2014-07-10 07:21:36 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-07-10 07:21:28 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-07-10 07:21:28 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-07-10 07:21:26 ----A---- C:\WINDOWS\system32\certcli.dll
2014-07-10 07:21:25 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-07-10 07:21:24 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-07-10 07:21:24 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-07-10 07:21:09 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-07-10 07:21:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-07-10 07:21:09 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-07-10 07:21:07 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-07-10 07:20:57 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-07-10 07:20:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-07-10 07:20:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-07-10 07:20:51 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-07-10 07:20:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-07-10 07:20:49 ----A---- C:\WINDOWS\system32\wininet.dll
2014-07-10 07:20:49 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-07-10 07:20:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-07-10 07:20:48 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-07-10 07:20:47 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-07-10 07:20:47 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-07-10 07:20:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-07-10 07:20:37 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-07-10 07:20:37 ----A---- C:\WINDOWS\system32\qedit.dll
2014-07-10 07:20:34 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-07-10 07:20:33 ----A---- C:\WINDOWS\system32\devinv.dll
2014-07-10 07:20:32 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-07-10 07:20:30 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-07-10 07:20:30 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-07-10 07:20:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 07:20:29 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-07-10 07:20:29 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 07:20:29 ----A---- C:\WINDOWS\system32\twinui.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-07-10 07:20:28 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-07-10 07:20:28 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-10 07:16:00 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-07-09 14:32:55 ----D---- C:\ProgramData\ShopperPro
2014-07-09 14:31:07 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-07-09 14:29:56 ----D---- C:\AdwCleaner
2014-07-09 10:10:36 ----D---- C:\rsit
2014-07-09 10:10:36 ----D---- C:\Program Files\trend micro
2014-07-07 14:57:17 ----A---- C:\WINDOWS\wininit.ini
2014-07-07 13:57:48 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-07-07 13:57:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-07 13:48:48 ----D---- C:\Program Files\CCleaner
2014-07-04 15:20:23 ----D---- C:\ProgramData\Norton
2014-07-04 15:20:20 ----D---- C:\ProgramData\NortonInstaller
2014-07-04 15:06:40 ----D---- C:\Program Files (x86)\7-Zip
2014-07-04 15:06:32 ----D---- C:\Users\Kamila\AppData\Roaming\JGArcadeApp
2014-07-04 15:04:03 ----D---- C:\Program Files\Common Files\ShopperPro

======List of files/folders modified in the last 1 month======

2014-07-11 09:53:29 ----D---- C:\Users\Kamila\AppData\Roaming\Skype
2014-07-11 09:53:04 ----D---- C:\WINDOWS\Prefetch
2014-07-11 09:52:49 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2014-07-11 09:52:49 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2014-07-11 09:52:24 ----D---- C:\WINDOWS\Temp
2014-07-11 09:50:36 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-07-11 09:48:43 ----D---- C:\ProgramData\PDFC
2014-07-11 09:47:34 ----D---- C:\WINDOWS\system32\drivers
2014-07-11 09:46:20 ----D---- C:\WINDOWS\DigitalLocker
2014-07-11 09:26:00 ----SHD---- C:\System Volume Information
2014-07-11 09:24:52 ----D---- C:\WINDOWS\Microsoft.NET
2014-07-11 09:00:03 ----D---- C:\WINDOWS\system32\sru
2014-07-11 08:24:04 ----D---- C:\WINDOWS\system32\FxsTmp
2014-07-11 07:25:54 ----RD---- C:\WINDOWS\System32
2014-07-11 07:25:54 ----D---- C:\WINDOWS\Inf
2014-07-11 07:25:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-11 07:23:13 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2014-07-10 12:09:16 ----D---- C:\WINDOWS\system32\config
2014-07-10 12:08:08 ----D---- C:\WINDOWS\rescache
2014-07-10 08:31:11 ----D---- C:\WINDOWS\WinSxS
2014-07-10 08:31:07 ----D---- C:\WINDOWS\SysWOW64
2014-07-10 08:28:12 ----RD---- C:\WINDOWS\ToastData
2014-07-10 08:28:12 ----D---- C:\WINDOWS\WinStore
2014-07-10 08:28:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-07-10 08:28:10 ----D---- C:\WINDOWS\system32\cs-CZ
2014-07-10 08:28:10 ----D---- C:\Program Files\Internet Explorer
2014-07-10 08:28:10 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 08:06:51 ----RD---- C:\Program Files (x86)
2014-07-10 08:06:51 ----HD---- C:\ProgramData
2014-07-10 08:05:30 ----D---- C:\WINDOWS\CbsTemp
2014-07-10 08:02:12 ----D---- C:\Program Files\Windows Journal
2014-07-10 07:19:01 ----D---- C:\WINDOWS\system32\catroot2
2014-07-09 14:58:11 ----A---- C:\WINDOWS\SYSWOW64\REMOTEDEVICE.INI
2014-07-09 14:37:21 ----SD---- C:\ProgramData\Microsoft
2014-07-09 14:31:27 ----D---- C:\WINDOWS\Tasks
2014-07-09 14:31:27 ----D---- C:\WINDOWS\system32\Tasks
2014-07-09 11:57:15 ----D---- C:\Windows
2014-07-09 10:10:36 ----RD---- C:\Program Files
2014-07-09 07:30:10 ----D---- C:\WINDOWS\AppReadiness
2014-07-08 09:54:08 ----HD---- C:\Program Files\WindowsApps
2014-07-08 07:49:53 ----D---- C:\WINDOWS\debug
2014-07-08 07:08:22 ----D---- C:\WINDOWS\SoftwareDistribution
2014-07-07 15:39:02 ----SHD---- C:\WINDOWS\Installer
2014-07-07 15:39:01 ----SHD---- C:\Config.Msi
2014-07-07 13:51:29 ----DC---- C:\WINDOWS\Panther
2014-07-07 13:51:29 ----D---- C:\WINDOWS\ModemLogs
2014-07-07 13:51:27 ----D---- C:\WINDOWS\Minidump
2014-07-04 15:33:02 ----D---- C:\Program Files (x86)\Common Files
2014-07-04 15:04:24 ----D---- C:\Program Files\Common Files\System
2014-07-04 15:04:03 ----D---- C:\Program Files\Common Files
2014-07-03 07:20:02 ----D---- C:\Users\Kamila\AppData\Roaming\XnView
2014-06-12 09:09:07 ----D---- C:\WINDOWS\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem59.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R3 Accelerometer;@oem59.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 BtAudioBusSrv;@oem8.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 HpqKbFiltr;@oem66.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2012-08-27 26504]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2012-04-23 90112]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2014-07-11 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
R3 MEIx64;@oem64.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2014-02-26 62784]
R3 netr28x;@oem1.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 rtbth;@oem63.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2013-08-22 230912]
R3 SNP2UVC;@oem15.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2012-07-28 1862536]
R3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys [2014-07-08 41856]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-02-26 543744]
R3 SynTP;@oem54.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S2 SPDRIVER_1.37.0.193;SPDRIVER_1.37.0.193; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 dg_ssudbus;@oem53.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]
S3 ssudmdm;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-15 1578496]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem59.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-22 33600]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-02-26 131032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-02-26 165336]
R2 lmab_device;lmab_device; C:\Windows\system32\LMabcoms.exe [2012-09-28 1048576]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-02-26 279000]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MbnExt;Mobile Broadband Extension Service; C:\WINDOWS\syswow64\svchost.exe [2013-08-22 31552]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-07-17 1134624]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
R2 SPBIUpd;ShopperPro Update; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2014-07-08 2346880]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-02-26 327680]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-02-26 366040]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-15 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------

No ale asi jste to smazala, kdyz dalsi test uz nic nenachazi. Ale previty tam jeste vidim.

Jenze je tu problem

http://forum.viry.cz/viewtopic.php?f=12&t=5601

6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmout. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu pouze domácím uživatelům.

O ten cas ani tak nejde, ale jde hlavne o data. Co kdyz se neco pokazi? Nevite co tam vsechno bezi, kdo vas jak monitoruje, budete pak mit akorat problemy a ja to nechci mit nasvedomi

Márty84 píše:No ale asi jste to smazala, kdyz dalsi test uz nic nenachazi. Ale previty tam jeste vidim.

Jenze je tu problem

http://forum.viry.cz/viewtopic.php?f=12&t=5601

6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmout. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu pouze domácím uživatelům.

O ten cas ani tak nejde, ale jde hlavne o data. Co kdyz se neco pokazi? Nevite co tam vsechno bezi, kdo vas jak monitoruje, budete pak mit akorat problemy a ja to nechci mit nasvedomi

Jo takhle tak to jsem to špatně napsala. Je to můj pc, co využívám v externí firmě. Tedy jako by můj soukromý pc. Jsou tam některé firemní dokumenty. Nosím si ho do práce... Tak jsme to špatně pochopila... Žádná firemní data jiná důležitá tam nejsou. Notebook není majetkem firmy.

Dobra tedy.

Pokud MBAM uz nehlasi zadnou havet, odinstalujte ho.

Ja ji tam jeste porad vidim, takze si dame jeste jeden sken a budem mazat.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Tak jsem provedla ten OTL

Toto je extras

OTL Extras logfile created on: 15. 7. 2014 13:32:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kamila\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 53,77% Memory free
4,57 Gb Paging File | 2,60 Gb Available in Paging File | 56,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,33 Gb Total Space | 406,53 Gb Free Space | 90,47% Space Free | Partition Type: NTFS
Drive D: | 1,99 Gb Total Space | 1,99 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive F: | 12,89 Gb Total Space | 2,02 Gb Free Space | 15,66% Space Free | Partition Type: NTFS

Computer Name: IAG_NOTEBOOK_4 | User Name: Kamila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3884836952-1240970438-3448389261-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9A0BF412-648E-44FB-BDB4-3132C48F11FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C509B185-2313-4BB4-A547-5115CBE98BDF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AD793F-67D9-409E-9D36-14227C0DB2AD}" = dir=in | name=check point vpn |
"{03A0B9B9-844C-4D69-8DB3-C6711C5B8A4C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{03D93F72-5011-438A-ABE9-3D8E1DD0D050}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{072A38B4-766D-48AB-95AB-EE008B0118E3}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{08C8C767-7DD4-4295-951E-4CBCE5203179}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{09398F38-086C-45F3-811A-0AE60511ED98}" = dir=in | name=juniper networks junos pulse |
"{09FBF849-D4F9-4466-B463-01D17F012CE4}" = dir=out | name=sonicwall mobile connect |
"{0E6DA0EB-05BC-4FE2-9AD1-BEC10B16CD1B}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{0FBB2C07-A33C-43B2-B95A-AE605CCA6B89}" = dir=in | name=skype |
"{10B5CC44-2E4F-440D-B706-300916116838}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{162B9375-E986-426D-9F10-784272201897}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{192BADF6-A82A-44B5-A62B-A89EBEE4F4AF}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{19D7F880-3BA9-476C-BD3C-D9E4AA309B78}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{19E55AE8-8593-4C21-88D6-B21400DB93D7}" = dir=out | name=skype |
"{1D65C8D0-9914-4095-8F9D-D6CE78705A0C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1E4655AA-C028-40CC-934B-2616B5580657}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{2449BE7C-E74E-4310-B35A-3A9D80FCEC58}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{262380A9-84AB-4359-BEEE-E314B4C9DDB1}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{29042FE3-B251-4360-BDFD-71EB51F42565}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{29443260-3C1F-419A-AD1A-BDF6C30082DA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{296F5B3E-D12C-4034-9F08-3EDDD0A1903E}" = dir=out | name=eml viewer |
"{2B33CFE2-794B-4B3B-89F0-8B0988BE2DD0}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{2BA37A16-B774-4280-96F5-8919440090C9}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2C626F85-D9E0-4BA8-9C97-FAE8CB2837F0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2E760D48-3344-4ECA-882C-DB5AB85E03F8}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{2FBC9D0A-86BB-47E0-81AF-9D779FE4EA0F}" = dir=out | name=check point vpn |
"{3265A8D8-FB25-4ECE-A939-4375DFA6DF4A}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{34652414-234F-4F87-83AF-D88CC6F336C2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{363C8E04-2F33-4BAE-851F-D4448C0C8B75}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3759F443-76F3-4D65-8E44-38E6FA4A7298}" = dir=in | name=skype |
"{39BE001A-4241-49CF-9B05-C5897138807C}" = dir=out | name=windows_ie_ac_001 |
"{3FE4F837-4697-4A00-8C0B-53ABAB60D0F1}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{4058950C-C679-4736-BCDE-3160C99A58E5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{42F46825-064D-4D1B-91E2-1696209E2B1D}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{44605FB4-C10A-4245-A2D0-D4B5F502A926}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{494CA3AE-6E29-4CEA-B377-C0FC26C24ECE}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4C5DF6B0-3B5D-4CCF-A58D-D27033207C34}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{4E6974DF-D4F6-4B24-8748-12284B76A869}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{4F6FCF8E-0658-4FA9-8ABC-7DC8978B3E6D}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5A908020-0A7B-4943-ACF5-E10A1A6A53F4}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{5C2A7CA6-0127-4A69-8CA1-6FDE47B2E476}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{5CD201BD-130D-440F-9E4C-95367354670B}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{5EF3D895-50A1-4247-A408-6B3AE213BC9C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F82B323-C91B-4D4F-A79F-2A73E276EE70}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6127BC6E-E132-4FD5-8A6C-FD2B52133C87}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{623EEA22-BEEC-4FC2-8968-2573B3C94252}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{651378EA-FC60-4689-AD86-FA4C56B28756}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{66FFA51E-AEA6-4D3F-9E98-1B0B9A9B8C74}" = dir=in | app=c:\windows\system32\lmabcoms.exe |
"{6D02ACEA-D4F0-46D1-A9EC-0A337B0232F7}" = dir=out | name=@{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6E9A90F8-4641-4528-8F19-F422785AD243}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{700E6D7B-5BA1-47FC-B38A-FA1DBF9BB934}" = dir=out | name=f5 vpn |
"{75F15406-2012-40A0-9EF0-CEE3C1109EF0}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7692898F-551F-4A8C-A911-A3FC3222E2DB}" = dir=out | name=hp registration |
"{7827D663-BDAA-42AB-97BD-24A61D19B657}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{78CE5DF5-F70D-4CB1-BFC2-2B518E4BF593}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{7E1DEA73-47C9-4F0B-A121-3EB41EB242AA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82B6A1EC-8A18-4CA2-8465-94CEE36161A3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{831B3A5F-8F93-4EBA-9F36-9280647DFCEE}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{83E4D0C1-A967-4D7C-8A50-10B02BCB3210}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{84E71AE6-4C6E-4AD7-A46D-D55EAC70443B}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{865D3964-D06E-4AB5-9050-837C84AE0566}" = dir=out | name=hp registration |
"{878D55E0-6B03-4523-93FC-1CE30DF84D9D}" = dir=out | name=getting started with windows 8 |
"{8846602E-5778-44F3-A11E-632A2418EF4A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{884C9C73-276A-4686-B1DA-EE82979FEB17}" = dir=in | name=f5 vpn |
"{8E66BF6E-45B1-4D0B-B1A9-93DA968DC1A9}" = dir=out | name=getting started with windows 8 |
"{969F970A-43E8-45A0-95F0-F7BCE52D1370}" = dir=in | name=skype |
"{991A87D0-C049-45BE-8676-7F838C73405D}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{9AA819DE-28A8-4310-B967-D96E7530E45C}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9B9075B7-8B20-4BF2-A339-08E3D4FCD307}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{9BA06B03-3A8D-4DF9-ADCF-2842346C0133}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9DF06844-4DF2-4109-B2AE-D4908526D13E}" = dir=out | name=skype |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E937DA6-9A2D-4DFF-80B1-B9E2FD3B784B}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{A5E45E0D-566C-4F64-87E3-30AFF50FA20A}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{A91F16FA-53FA-429B-B713-A1A52CDB20DD}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A97FE69E-2AFF-4FE8-A0C6-4D50CC615E47}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{AD2D4BD4-6C6A-473F-BEF0-77436D1E2EA0}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AE54FF3F-6B2B-4F45-AC4F-6070427EB9D3}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AF31DD85-053D-4DBE-AA28-68DEF20853A0}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{AF5384A3-93C0-4A0D-9B93-C713FEDB4747}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B198EC16-6513-4620-8A30-A8D55FB2A96A}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B6775EF0-C603-409F-82E9-13879234C692}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{BACBD32A-C9E4-4AD1-A0CA-BAB997706D92}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BB053277-7762-437F-9B46-82281E94AAC7}" = dir=out | name=juniper networks junos pulse |
"{BD599140-92BC-46CF-B432-BA6157471398}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C0C25DE8-BB08-4708-9E18-D755C13A6282}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C16CEB18-0D92-4F8A-95F4-624D9FAFC576}" = dir=out | name=windows_ie_ac_001 |
"{C1AEC7A4-B1D5-43D6-9A57-18B9CDAE9A96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C423F8D4-BF8B-4AF6-B4BB-A8AFAAC8D702}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C589B008-50C1-4F84-A9D6-BA0352C83125}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{CB5D6EF1-C395-45F8-99D0-AE729C4C15E8}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{CEB4A37B-64AB-4012-B0B7-0696263F3ADB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{D0D1EF6D-FC55-47DE-A8FD-78170C74C427}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{D15E9852-CC28-4532-87B1-CCC99B4009E3}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D32046C1-DD90-43A5-91FD-6ABB7B030300}" = dir=in | name=sonicwall mobile connect |
"{D3FF8B3F-DE97-4E1D-84E7-282DF0386BAD}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{D56E9B1A-41D2-4254-9362-492111960172}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D717CAFA-F6B4-4629-9DB7-021149D6A898}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{D8DA46B9-6BB3-4881-A072-B389C46BFC2F}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{DAD2A89E-B79F-408E-AB6E-560D0CF66F2C}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC486F2A-4EE0-48A9-BD93-9E5A57F5A6D2}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{DCAC40C6-7F7D-4267-AAC8-A6A944CE3402}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} |
"{DDAB2B56-9191-4D09-AB0D-6B09CCBD3B0F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{E1537EBC-C748-4327-855A-A37F95C9C3B1}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{E298E1EA-8B50-4C9A-90FB-347E7C059302}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E733BEA5-E713-452A-83E1-1252CDFD0C64}" = dir=out | name=windows_ie_ac_001 |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA7533F0-75EF-4AFF-B368-22286C5BB79A}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7C26FA6-E24E-44B3-B26B-DE7649E53A72}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{F9936C80-B0FD-4CE9-BB80-328C99904090}" = dir=out | name=hp registration |
"{FA177072-4829-464F-9C0B-3417D260B300}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{FC516523-0B8B-45E4-B1DB-819EADAE28ED}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{FD1B9653-2697-405A-8C58-2002F0504DCA}" = dir=out | name=skype |
"{FE506B8B-26CA-4BF5-9B1C-4784B77DD19F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"TCP Query User{15E59908-3A9F-4451-989C-63F906E273EC}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{B5C57A4E-1B0F-4481-927C-4D297A7CDCA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{10CB7DA2-C1E9-4E5B-9579-48CD08E42BA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{AEB76C02-BED9-4DA4-83C6-7A86AF200D55}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{29989969-FED8-4EFB-8FB2-39429D37E471}" = HP 3D DriveGuard
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}" = Validity Fingerprint Sensor Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}" = Ralink Bluetooth Stack64
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"EPSON L355 Series" = Odinstalace tiskárny EPSON L355 Series
"GIMP-2_is1" = GIMP 2.8.6
"Lexmark_HostCD" = Lexmark Software Uninstall
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0BE73D3C-B5AF-11E1-933A-984BE15F174E}" = Evernote v. 4.5.7
"{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}" = LibreOffice 4.0.2.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{23170F69-40C1-2701-0921-000001000000}" = 7-Zip 9.21
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP HD Webcam Driver
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{50F16F43-54B8-43DB-B96F-255546DFB990}" = HP ESU for Microsoft Windows 8
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1" = Wondershare PDF Editor(Build 3.6.2)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F7E2060-7212-4A53-9875-55173E4BA3F0}" = HP Hotkey Support
"{835B275B-F29B-464B-BD4B-097FD55FAB0A}" = HP Software Framework
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{987210BB-D707-48FC-88FA-4374765D108D}" = HP System Default Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B50981AD-95E8-4E4D-912A-7C4B738387CA}" = HP SoftPaq Download Manager
"{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}" = Software Updater
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}" = HP Software Setup
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FCD58C04-324A-40D1-BA9E-1A754DF1736D}" = HP Documentation
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"HotKeyz_is1" = HotKeyz 2.8.2
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"PDF Complete" = PDF Complete Corporate Edition
"ShopperPro" = Shopper-Pro
"Some PDF to Word Converter_is1" = Some PDF to Word Converter 2.0
"TeamViewer 8" = TeamViewer 8
"T-Mobile Communication Centre" = T-Mobile Internet Manager
"Winamp" = Winamp
"XnView_is1" = XnView 2.00

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30. 6. 2014 8:32:46 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: ee4 Čas spuštění: 01cf945eaf44e983 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: a2c1a5a5-0052-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 8:59:04 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 3ec Čas spuštění: 01cf94625b692dee Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 4f24fc29-0056-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 9:05:04 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: d60 Čas spuštění: 01cf946332861ab1 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 260697c3-0057-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 9:33:39 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 618 Čas spuštění: 01cf94673072bcff Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 23f24300-005b-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 9:42:07 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 6a0 Čas spuštění: 01cf94685f68cefb Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 52daed66-005c-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 10:03:39 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 13cc Čas spuštění: 01cf946b6154d894 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 55162357-005f-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 10:26:34 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 12dc Čas spuštění: 01cf946e9525744b Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 889bde42-0062-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 10:32:35 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: f70 Čas spuštění: 01cf946f6c4139cc Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: 5fc9ab75-0063-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 10:42:30 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 15f4 Čas spuštění: 01cf9470cec3fe18 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: c240dd9d-0064-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


Error - 30. 6. 2014 11:03:39 | Computer Name = IAG_notebook_4 | Source = Application Hang | ID = 1002
Description = Program LiveComm.exe verze 17.5.9600.20498 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: fec Čas spuštění: 01cf9473c32261ff Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

ID
hlášení: b696d480-0067-11e4-beaf-a4173107dd90 Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

ID
aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


[ Hewlett-Packard Events ]
Error - 20. 3. 2014 3:02:39 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 40 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:05:19 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000 v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:47 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:47 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:47 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:48 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:48 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:48 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:48 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

Error - 20. 3. 2014 11:07:48 | Computer Name = IAG_notebook_4 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146232000HPSF.exe v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Kořenový element chybí. StackTrace: v System.Xml.XmlTextReaderImpl.Throw(Exception
e) v System.Xml.XmlTextReaderImpl.ParseDocumentContent() v System.Xml.XmlLoader.Load(XmlDocument
doc, XmlReader reader, Boolean preserveWhitespace) v System.Xml.XmlDocument.Load(XmlReader
reader) v System.Xml.XmlDocument.Load(String filename) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemRuntime.IsFailedIssue(String
strGuid) v HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: System.Xml Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3979
Ram
Utilization: 50 TargetSite: Void Throw(System.Exception)

[ HP Software Framework Events ]
Error - 10. 7. 2014 2:32:34 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 10 08:32:34.719|00000E58|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 10. 7. 2014 2:32:36 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 10 08:32:36.012|00001640|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 10. 7. 2014 14:09:39 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 10 20:09:39.707|00001640|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 1:19:09 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 07:19:09.360|00001640|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 1:23:09 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 07:23:09.486|00000EC4|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 1:23:10 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 07:23:10.319|0000079C|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 3:52:54 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 09:52:54.111|00001644|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 3:52:54 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 09:52:54.832|0000170C|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 10:11:41 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 16:11:41.074|0000179C|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

Error - 11. 7. 2014 10:11:42 | Computer Name = IAG_notebook_4 | Source = hpCasl | ID = 5
Description = 2014. 07. 11 16:11:42.260|0000030C|Error |[hpcasl]Command::Get{hpCasl.enReturnCode(string,object&)}|An
exception occurred Určené přetypování není platné.

[ System Events ]
Error - 13. 6. 2014 1:14:44 | Computer Name = IAG_notebook_4 | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již
2krát.

Error - 13. 6. 2014 1:18:57 | Computer Name = IAG_notebook_4 | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již
3krát.

Error - 15. 6. 2014 4:48:35 | Computer Name = IAG_notebook_4 | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již
4krát.

Error - 16. 6. 2014 11:56:16 | Computer Name = IAG_notebook_4 | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již
5krát.

Error - 16. 6. 2014 12:25:29 | Computer Name = IAG_notebook_4 | Source = DCOM | ID = 10010
Description =

Error - 16. 6. 2014 12:26:31 | Computer Name = IAG_notebook_4 | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 16. 6. 2014 14:14:13 | Computer Name = IAG_notebook_4 | Source = DCOM | ID = 10010
Description =

Error - 16. 6. 2014 14:14:13 | Computer Name = IAG_notebook_4 | Source = DCOM | ID = 10010
Description =

Error - 16. 6. 2014 14:14:13 | Computer Name = IAG_notebook_4 | Source = DCOM | ID = 10010
Description =

Error - 17. 6. 2014 1:00:19 | Computer Name = IAG_notebook_4 | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již
2krát.


< End of report >