Pop-up ads [for vyosek]

#1 Post by Conder »

Hello,
a friend has a problem with his laptop: ads keep popping up in Chrome, and they are not actually on the open web page, so it is probably some adware. He scanned the PC with MBAM and had the findings deleted, but even that did not help. Thanks in advance for the help :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by lsczem0 at 2015-01-28 20:12:55
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 156 GB (51%) free of 305 GB
Total RAM: 3014 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:13:10, on 28/01/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\DWRCST.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NetInst\eTray.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office15\lync.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NetInst\NiAgnt32.exe
C:\Users\lsczem0\Downloads\RSIT.exe
C:\Program Files\trend micro\lsczem0.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by LIEBHERR FRANCE SAS
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = zdvproxy01.zdv.liebherr.i:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = albatros*;10.*;*.liebherr.i;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 193.27.220.90 zdvgw01.liebherr.com
O1 - Hosts: 193.27.220.90 zdvgw01.liebherr.com
O2 - BHO: 6b064ce819644ac68b741b4c9b968d8c0069917 - {11111111-1111-1111-1111-110611991117} - C:\Program Files\BRWSRApp+version2\BRWSRApp+version2-bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NIAGENTSTART] C:\Program Files\netinst\niagnt32.exe /nwcm
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Discovery User Input] "C:\Program Files\FrontRange Solutions\Discovery Client Agent\User Input\userin32.exe"
O4 - HKLM\..\Run: [eTMonitor] "C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [NetInstall NiTray] "C:\Program Files\NetInst\eTray.exe"
O4 - HKLM\..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe
O4 - HKLM\..\Run: [PCDescription] powershell.exe C:\Scripts\set-PCdescritpion.ps1
O4 - HKLM\..\Run: [DSM7Agent] C:\Program Files\NetInst\niagnt32.exe
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\Windows\system32\DWRCST.exe
O4 - HKCU\..\Run: [LightShot] C:\Users\lsczem0\AppData\Local\Skillbrains\lightshot\Lightshot.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .NPSSView: C:\Program Files\Common Files\Crystal Decisions\2.0\crystalreportviewers\Viewers\ActiveXViewer\NPssView.dll
O15 - Trusted Zone: http://lfrsvtc01.lfr.liebherr.i (HKLM)
O15 - Trusted Zone: www.liebherr.i (HKLM)
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/distribution ... -2.0.4.cab
O16 - DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} (VPNWeb Control) - vpnweb.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lfr.liebherr.i
O17 - HKLM\Software\..\Telephony: DomainName = lfr.liebherr.i
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lfr.liebherr.i
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lfr.liebherr.i
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\NetInst\NiAMH.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: DiscoveryClientAgent - Unknown owner - C:\Program Files\FrontRange Solutions\Discovery Client Agent\AUDIT\cagent32.exe
O23 - Service: DiscoveryIPTransferAgent - Unknown owner - C:\Program Files\FrontRange Solutions\Discovery Client Agent\AUDIT\xferwan.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\Windows\system32\DWRCS.exe
O23 - Service: FrontRange DSM Runtime Service (ersupext) - FrontRange Solutions USA Inc. and/or its affiliates - C:\Program Files\NetInst\mgmtagnt.exe
O23 - Service: FrontRange DSM Core Services (esiCore) - FrontRange Solutions USA Inc. and/or its affiliates - C:\Program Files\NetInst\mgmtagnt.exe
O23 - Service: ETOKSRV (eTSrv) - Aladdin Knowledge Systems, Ltd. - C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: LanProbe - Unknown owner - C:\Program Files\FrontRange Solutions\Discovery Client Agent\AUDIT\lpx86.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: itWatch Security Monitor (Security Monitor) - itWatch GmbH - C:\Program Files\itWatch\SecMonitor.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

--
End of file - 12526 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\update-S-1-5-21-1417001333-329068152-725345543-23155.job - C:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}]
BRWSRApp+version2 - C:\Program Files\BRWSRApp+version2\BRWSRApp+version2-bho.dll [2015-01-23 718312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-07 143384]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-07 176664]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-07 178200]
"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-13 318520]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-18 2209064]
"NIAGENTSTART"=C:\Program Files\netinst\niagnt32.exe [2014-08-25 194160]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Discovery User Input"=C:\Program Files\FrontRange Solutions\Discovery Client Agent\User Input\userin32.exe [2011-11-24 241664]
"eTMonitor"=C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe [2009-12-31 230752]
""= []
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011-08-03 523216]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Lightshot"=C:\Program Files\Skillbrains\lightshot\Lightshot.exe [2014-11-18 226560]
"NetInstall NiTray"=C:\Program Files\NetInst\eTray.exe [2014-08-25 88688]
"Greenshot"=C:\Program Files\Greenshot\Greenshot.exe [2013-05-20 499712]
"PCDescription"=powershell.exe C:\Scripts\set-PCdescritpion.ps1 []
"DSM7Agent"=C:\Program Files\NetInst\niagnt32.exe [2014-08-25 194160]
"DameWare MRC Agent"=C:\Windows\system32\DWRCST.exe [2010-08-06 85528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightShot"=C:\Users\lsczem0\AppData\Local\Skillbrains\lightshot\Lightshot.exe []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Lync"=C:\Program Files\Microsoft Office\Office15\lync.exe [2014-11-12 19102872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\NetInst\NiAMH.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-27 288768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Security Monitor]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SENS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventSystem]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Security Monitor]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SENS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=0
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"MaxGPOScriptWait"=7200

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=189

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dinotify.exe]
"Debugger="C:\Program Files\NetInst\dinotdbg.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-28 20:12:56 ----D---- C:\Program Files\trend micro
2015-01-28 20:12:55 ----D---- C:\rsit
2015-01-24 14:14:01 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-24 14:13:33 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-01-24 14:13:33 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-24 14:13:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-01-24 14:13:32 ----D---- C:\ProgramData\Malwarebytes
2015-01-24 14:13:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-01-23 09:12:54 ----D---- C:\TVWizard
2015-01-23 00:16:56 ----D---- C:\Users\lsczem0\AppData\Roaming\omiga-plus
2015-01-23 00:16:47 ----D---- C:\Program Files\globalUpdate
2015-01-23 00:16:39 ----D---- C:\Program Files\BRWSRApp+version2
2015-01-23 00:15:24 ----A---- C:\logFile.txt
2015-01-21 16:31:15 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-01-20 12:00:35 ----A---- C:\Windows\system32\ieUnatt.exe
2015-01-20 09:36:28 ----D---- C:\Users\lsczem0\AppData\Roaming\ptc
2015-01-20 09:02:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-19 20:01:15 ----D---- C:\Users\lsczem0\AppData\Roaming\Greenshot
2015-01-19 16:23:44 ----A---- C:\Windows\system32\crypt32.dll
2015-01-19 16:17:59 ----A---- C:\Windows\system32\jsIntl.dll
2015-01-19 16:17:59 ----A---- C:\Windows\system32\elshyph.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\wininet.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\wextract.exe
2015-01-19 16:17:58 ----A---- C:\Windows\system32\webcheck.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\vbscript.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\urlmon.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\url.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-19 16:17:58 ----A---- C:\Windows\system32\msrating.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\msls31.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\mshtmled.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\mshtml.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\licmgr10.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\inseng.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\iexpress.exe
2015-01-19 16:17:58 ----A---- C:\Windows\system32\iesetup.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\iertutil.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\iernonce.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\iedkcs32.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\ieapfltr.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\ieapfltr.dat
2015-01-19 16:17:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-01-19 16:17:58 ----A---- C:\Windows\system32\icardie.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-01-19 16:17:58 ----A---- C:\Windows\system32\dxtmsft.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2015-01-19 16:17:57 ----A---- C:\Windows\system32\pngfilt.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\occache.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\mshtmler.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\mshta.exe
2015-01-19 16:17:57 ----A---- C:\Windows\system32\msfeedssync.exe
2015-01-19 16:17:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\jscript9diag.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\jscript9.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\jscript.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\imgutil.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\ieui.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\iesysprep.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\iepeers.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\ieframe.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-01-19 16:17:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-01-19 16:17:57 ----A---- C:\Windows\system32\IEAdvpack.dll
2015-01-19 16:06:54 ----A---- C:\Windows\system32\wups2.dll
2015-01-19 16:06:54 ----A---- C:\Windows\system32\wuauclt.exe
2015-01-19 16:06:53 ----A---- C:\Windows\system32\wucltux.dll
2015-01-19 16:06:53 ----A---- C:\Windows\system32\wuaueng.dll
2015-01-19 16:06:32 ----A---- C:\Windows\system32\wups.dll
2015-01-19 16:06:32 ----A---- C:\Windows\system32\wudriver.dll
2015-01-19 16:06:31 ----A---- C:\Windows\system32\wuapi.dll
2015-01-19 16:06:14 ----A---- C:\Windows\system32\wuwebv.dll
2015-01-19 16:06:14 ----A---- C:\Windows\system32\wuapp.exe
2015-01-19 15:12:19 ----D---- C:\Program Files\Common Files\PTC
2015-01-19 15:12:05 ----D---- C:\Program Files\PTC
2015-01-19 15:08:13 ----D---- C:\f6237d13c4a466a9a67dfec4b309a5
2015-01-19 14:43:56 ----A---- C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-01-19 14:36:50 ----A---- C:\Windows\system32\rsclientprint.dll
2015-01-19 14:36:40 ----D---- C:\Scripts
2015-01-19 14:33:50 ----D---- C:\Windows\system32\ja
2015-01-19 14:33:49 ----D---- C:\Windows\system32\tr
2015-01-19 14:33:49 ----D---- C:\Windows\system32\nl
2015-01-19 14:33:49 ----D---- C:\Windows\system32\es
2015-01-19 14:33:49 ----D---- C:\Windows\system32\BestPractices
2015-01-19 14:33:48 ----D---- C:\Windows\system32\zh-CHT
2015-01-19 14:33:48 ----D---- C:\Windows\system32\pt
2015-01-19 14:33:48 ----D---- C:\Windows\system32\pl
2015-01-19 14:33:48 ----D---- C:\Windows\system32\ko
2015-01-19 14:33:46 ----D---- C:\Windows\system32\zh-CHS
2015-01-19 14:33:46 ----D---- C:\Windows\system32\sv
2015-01-19 14:33:46 ----D---- C:\Windows\system32\ru
2015-01-19 14:33:46 ----D---- C:\Windows\system32\it
2015-01-19 14:28:33 ----D---- C:\Program Files\Greenshot
2015-01-19 14:28:23 ----D---- C:\Windows\Alternatiff
2015-01-19 14:16:19 ----A---- C:\Windows\system32\drivers\appid.sys
2015-01-19 14:16:19 ----A---- C:\Windows\system32\ci.dll
2015-01-19 14:16:19 ----A---- C:\Windows\system32\appidsvc.dll
2015-01-19 14:16:19 ----A---- C:\Windows\system32\appidapi.dll
2015-01-19 14:16:18 ----A---- C:\Windows\system32\srcore.dll
2015-01-19 14:16:18 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-01-19 14:16:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-19 14:16:18 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-01-19 14:16:16 ----A---- C:\Windows\system32\winresume.exe
2015-01-19 14:16:15 ----A---- C:\Windows\system32\winload.exe
2015-01-19 14:16:09 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-19 14:16:03 ----A---- C:\Windows\system32\profsvc.dll
2015-01-19 14:16:03 ----A---- C:\Windows\system32\profprov.dll
2015-01-19 13:58:56 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-19 13:58:56 ----A---- C:\Windows\system32\ncsi.dll
2015-01-19 13:58:42 ----A---- C:\Windows\system32\WebClnt.dll
2015-01-19 13:58:42 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-19 13:58:42 ----A---- C:\Windows\system32\davclnt.dll
2015-01-19 13:33:40 ----D---- C:\Program Files\Common Files\enteo
2015-01-19 13:31:46 ----D---- C:\Program Files\Liebherr
2015-01-19 11:08:13 ----A---- C:\Windows\system32\KOBDrvAPIIF.DLL
2015-01-06 20:21:45 ----A---- C:\Windows\system32\drivers\tdx.sys

======List of files/folders modified in the last 1 month======

2015-01-28 20:13:08 ----D---- C:\Windows\Prefetch
2015-01-28 20:13:05 ----D---- C:\Users\lsczem0\AppData\Roaming\Skype
2015-01-28 20:12:56 ----RD---- C:\Program Files
2015-01-28 20:12:41 ----D---- C:\Windows\Temp
2015-01-28 16:48:06 ----D---- C:\Windows\system32\config
2015-01-28 16:28:29 ----A---- C:\Windows\SMSCFG.ini
2015-01-28 16:28:04 ----D---- C:\Program Files\itWatch
2015-01-28 09:44:10 ----D---- C:\Windows\Tasks
2015-01-28 09:44:10 ----D---- C:\Windows\system32\Tasks
2015-01-28 09:41:01 ----D---- C:\Windows
2015-01-25 21:13:18 ----D---- C:\Windows\System32
2015-01-25 21:13:15 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 19:44:52 ----SHD---- C:\System Volume Information
2015-01-24 14:56:14 ----SHD---- C:\Windows\Installer
2015-01-24 14:56:14 ----HD---- C:\ProgramData
2015-01-24 14:56:14 ----D---- C:\Windows\system32\drivers
2015-01-24 14:37:19 ----D---- C:\Program Files\VideoDownloadConverter
2015-01-24 11:28:54 ----D---- C:\Program Files\Google
2015-01-23 16:22:39 ----D---- C:\Users\lsczem0\AppData\Roaming\vlc
2015-01-23 15:07:01 ----SD---- C:\Users\lsczem0\AppData\Roaming\Microsoft
2015-01-23 11:22:38 ----D---- C:\tmp
2015-01-23 11:21:26 ----D---- C:\Windows\inf
2015-01-23 11:21:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-22 11:41:07 ----D---- C:\Program Files\Mozilla Firefox
2015-01-22 11:24:19 ----D---- C:\Windows\Microsoft.NET
2015-01-22 10:55:07 ----RSD---- C:\Windows\assembly
2015-01-22 08:41:45 ----D---- C:\ProgramData\Microsoft Help
2015-01-22 08:38:42 ----RSD---- C:\Windows\Fonts
2015-01-22 08:38:26 ----D---- C:\Program Files\Common Files\microsoft shared
2015-01-22 08:35:56 ----A---- C:\Windows\win.ini
2015-01-21 16:43:30 ----D---- C:\Windows\ShellNew
2015-01-21 16:36:26 ----D---- C:\Windows\system32\catroot2
2015-01-21 16:30:57 ----D---- C:\Program Files\Common Files\DESIGNER
2015-01-21 16:30:40 ----D---- C:\Program Files\Microsoft Office
2015-01-21 10:28:19 ----D---- C:\Windows\rescache
2015-01-21 08:09:08 ----D---- C:\Program Files\NetInst
2015-01-20 19:37:21 ----D---- C:\Windows\winsxs
2015-01-20 17:29:37 ----D---- C:\Windows\system32\fr-FR
2015-01-20 17:29:37 ----D---- C:\Windows\system32\de-DE
2015-01-20 17:29:36 ----D---- C:\Windows\system32\hu-HU
2015-01-20 17:29:36 ----D---- C:\Windows\system32\en-US
2015-01-20 17:29:36 ----D---- C:\Windows\system32\cs-CZ
2015-01-20 12:00:42 ----D---- C:\Windows\system32\catroot
2015-01-20 07:25:30 ----D---- C:\Windows\system32\drivers\etc
2015-01-19 16:25:15 ----D---- C:\Program Files\Internet Explorer
2015-01-19 16:25:14 ----D---- C:\Windows\system32\migration
2015-01-19 16:25:14 ----D---- C:\Windows\PolicyDefinitions
2015-01-19 16:23:41 ----D---- C:\Windows\Logs
2015-01-19 16:22:15 ----HD---- C:\Windows\system32\dwrcssft
2015-01-19 15:12:20 ----D---- C:\Windows\Downloaded Program Files
2015-01-19 15:12:19 ----D---- C:\Program Files\Common Files
2015-01-19 14:36:29 ----D---- C:\temp
2015-01-19 14:33:52 ----D---- C:\Windows\system32\pt-BR
2015-01-19 14:33:52 ----D---- C:\Windows\system32\it-IT
2015-01-19 14:33:51 ----D---- C:\Windows\system32\pt-PT
2015-01-19 14:33:50 ----D---- C:\Windows\system32\pl-PL
2015-01-19 14:33:50 ----D---- C:\Windows\system32\ko-KR
2015-01-19 14:33:49 ----D---- C:\Windows\system32\nl-NL
2015-01-19 14:33:48 ----D---- C:\Windows\system32\tr-TR
2015-01-19 14:33:48 ----D---- C:\Windows\system32\sv-SE
2015-01-19 14:33:48 ----D---- C:\Windows\system32\hu
2015-01-19 14:33:48 ----D---- C:\Windows\system32\fr
2015-01-19 14:33:47 ----D---- C:\Windows\system32\es-ES
2015-01-19 14:33:46 ----D---- C:\Windows\system32\zh-TW
2015-01-19 14:33:44 ----D---- C:\Windows\system32\zh-CN
2015-01-19 14:33:44 ----D---- C:\Windows\system32\ja-JP
2015-01-19 14:33:43 ----D---- C:\Windows\system32\ru-RU
2015-01-19 14:33:43 ----D---- C:\Windows\system32\en
2015-01-19 14:33:43 ----D---- C:\Windows\system32\de
2015-01-19 14:33:43 ----D---- C:\Windows\system32\cs
2015-01-19 14:33:42 ----SD---- C:\ProgramData\Microsoft
2015-01-19 14:29:17 ----D---- C:\Windows\system32\DriverStore
2015-01-19 14:25:02 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-19 14:25:02 ----D---- C:\Windows\system32\Boot
2015-01-19 14:22:15 ----D---- C:\Windows\system32\MRT
2015-01-19 14:16:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-19 11:08:07 ----D---- C:\Windows\system32\spool
2014-12-31 12:13:47 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 FSACDD;File System Access Control; C:\Windows\System32\Drivers\FSACDD.SYS [2014-07-03 86584]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2009-07-08 25656]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-10-18 173400]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2012-10-18 389632]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\Windows\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]
R1 MpKslbf0b9491;MpKslbf0b9491; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B5314AE8-1837-4284-816C-A00435C9CEAB}\MpKslbf0b9491.sys [2015-01-28 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-10-18 48640]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-08-13 1163328]
R3 AKSIFDH;Aladdin IFD Handler; C:\Windows\system32\DRIVERS\aksifdh.sys [2008-07-29 48296]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-09-02 2712640]
R3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-29 60416]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 297000]
R3 btwaudio;Périphérique audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 88616]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 111656]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 33320]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 18728]
R3 cdprku;cdprku; \??\C:\Windows\system32\Drivers\cdprku.sys [2013-11-26 26952]
R3 DwMirror;DwMirror; C:\Windows\system32\DRIVERS\DamewareMini.sys [2007-02-07 3712]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c6232.sys [2012-03-15 392872]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-05-13 21560]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-01-27 10551296]
R3 IntcDAud;Son Intel(R) pour écrans; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 269824]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-03-08 144984]
R3 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2011-02-09 23640]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-28 114904]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 51928]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 58880]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 137728]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-04-18 1329072]
R3 TPM;Module de plateforme sécurisée (TPM); C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-10-18 14848]
R3 WinUSB;WinUSB Service; C:\Windows\system32\drivers\WinUSB.sys [2010-11-20 35968]
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock.sys [2011-08-03 77968]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-10-06 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-10-06 11136]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2011-10-06 235392]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-10-06 193792]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 prepdrvr;SMS Process Event Driver; \??\C:\Windows\system32\CCM\prepdrv.sys [2009-09-18 20848]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; C:\Windows\system32\DRIVERS\vpnva.sys [2011-08-03 23464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-27 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 656672]
R2 CcmExec;SMS Agent Host; C:\Windows\system32\CCM\CcmExec.exe [2009-09-18 764768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-10-18 21504]
R2 DiscoveryClientAgent;DiscoveryClientAgent; C:\Program Files\FrontRange Solutions\Discovery Client Agent\AUDIT\cagent32.exe [2011-11-24 1539136]
R2 DiscoveryIPTransferAgent;DiscoveryIPTransferAgent; C:\Program Files\FrontRange Solutions\Discovery Client Agent\AUDIT\xferwan.exe [2011-11-24 601152]
R2 DWMRCS;DameWare Mini Remote Control; C:\Windows\system32\DWRCS.exe [2010-08-06 242200]
R2 ersupext;FrontRange DSM Runtime Service; C:\Program Files\NetInst\mgmtagnt.exe [2014-08-25 225392]
R2 esiCore;FrontRange DSM Core Services; C:\Program Files\NetInst\mgmtagnt.exe [2014-08-25 225392]
R2 eTSrv;ETOKSRV; C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe [2009-12-31 12640]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-13 317496]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 Security Monitor;itWatch Security Monitor; C:\Program Files\itWatch\SecMonitor.exe [2014-07-03 57016]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-08-03 468432]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 LanProbe;LanProbe; C:\Program Files\FrontRange Solutions\Discovery Client Agent\AUDIT\lpx86.exe [2011-11-24 236032]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-10-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2012-10-18 21504]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-24 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-19 102912]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2012-10-18 21504]
S3 smstsmgr;SMS Task Sequence Agent; C:\Windows\system32\CCM\TSManager.exe [2009-09-18 246624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-10-18 21504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Pop-up ads [for vyosek]

#2 Post by vyosek »

Hello :)

:arrow: But that will be a company laptop, right??
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, he is no man, he is an ox."
Member [image] since 1 February 2011.

Re: Pop-up ads [for vyosek]

#3 Post by Conder »

From what he wrote to me, it is a laptop from the company, but on the understanding that he can do what he wants with it (so it is used for personal purposes).

Re: Pop-up ads [for vyosek]

#4 Post by vyosek »

Even so, it is primarily the company's property, the company manages it and has paid IT technicians for that - so he should turn to them.

Re: Pop-up ads [for vyosek]

#5 Post by Conder »

OK, maybe next time then, thanks for now. :lock:

Re: Pop-up ads [for vyosek]

#6 Post by vyosek »

You're welcome :closed:

Locked