Windows keeps crashing

JozoSVK
Visitor
Posts: 11
Registered: 22 Nov 2012 02:36

#1 Post by JozoSVK

So, I recently downloaded a game, and while doing so I got a virus warning, but the antivirus (Norton) "supposedly" removed it. Since then it keeps reporting some virus, but when I tell it to remove it, Windows crashes and throws a blue screen. I don't know what to do about it (I have of course already uninstalled the game). My computer runs slowly, and some strange file has appeared on the C: drive that is 190 GB in size and cannot be deleted. And every time I shut down or restart the PC, it throws a blue screen and I have to power it off the hard way. If you can help me in any way, I will be very grateful.

log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jozo at 2012-11-22 02:50:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 53 GB (8%) free of 696 GB
Total RAM: 6092 MB (5% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:50:19, on 22. 11. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\PROGRA~2\NORTON~2\Engine\1990~1.9\navw32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Jozo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.fi.muni.cz:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [Windows Explorer] C:\Users\Jozo\Drivers\msconfig.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Jozo\Drivers\msconfig.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect119.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15029 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4da62886-6df1-4940-850c-b1a17e9ba186 -SystemEventPortName:HostProcess-d39ceead-da32-4131-bcbf-35b6efaf135e -IoCancelEventPortName:HostProcess-52c6f0f5-5cb0-47d5-beff-b73c9f222b7a -NonStateChangingEventPortName:HostProcess-fb7f60fa-cb67-4c14-a2b6-9722571619f4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:21708d60-2c4c-4ef4-9b4b-964b79b58a53 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 2854624
\??\C:\Windows\system32\conhost.exe "225128024958614848-1629723867-49800621953290829-347078066-11033777751166396550
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\diMaster.dll" /prefetch:1
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"
WLIDSvcM.exe 2356
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"taskhost.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
taskeng.exe {0053248E-95AB-458B-B08F-B24CA0A4784C}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Users\Jozo\Drivers\explorer.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
-Minimized
/SE- /TTASK:"C:\Users\Jozo\AppData\Local\Temp\scan0.sca"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4748 CREDAT:145409
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4748 CREDAT:145410
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Jozo\Desktop\Antiv. LOG\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForJOZO-HP$.job
C:\Windows\tasks\HPCeeScheduleForJozo.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\IPS\IPSBHO.DLL [2012-06-21 210400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-04 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"SetDefault"=C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-12-19 44880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-08-04 1353080]
"Windows Explorer"=C:\Users\Jozo\Drivers\msconfig.exe [2012-11-19 102912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-07-27 35768]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
""= []
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2012-10-10 259072]
"Windows Explorer"=C:\Users\Jozo\Drivers\msconfig.exe [2012-11-19 102912]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-22 02:50:05 ----D---- C:\Program Files\trend micro
2012-11-22 02:50:04 ----D---- C:\rsit
2012-11-22 01:51:30 ----A---- C:\Windows\ntbtlog.txt
2012-11-20 05:14:22 ----D---- C:\Windows\Minidump
2012-11-20 04:59:51 ----RASH---- C:\setup.exe
2012-11-20 04:10:33 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-11-20 04:10:33 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-11-20 04:10:33 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-11-20 04:10:33 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-11-20 04:10:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-11-20 04:10:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-11-20 04:10:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-11-20 04:10:31 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-11-20 04:10:30 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-11-20 04:10:30 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-11-20 04:10:30 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-11-20 04:10:30 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-11-20 04:10:29 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-11-20 04:10:29 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-11-20 04:10:28 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-11-20 04:10:28 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-11-20 04:10:27 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-11-20 04:10:27 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-11-20 04:10:27 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-11-20 04:10:27 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-11-20 04:10:27 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-11-20 04:10:27 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-11-20 04:10:26 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-11-20 04:10:26 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-11-20 04:10:25 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-11-20 04:10:25 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-11-20 04:10:24 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-11-20 04:10:24 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-11-20 04:10:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-11-20 04:10:21 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-11-20 04:10:17 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-11-20 04:10:17 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-11-20 04:10:16 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-11-20 04:10:16 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-11-20 04:10:14 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-11-20 04:10:14 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-11-20 04:10:12 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2012-11-20 04:10:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-11-20 04:10:08 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-11-20 04:10:08 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-11-20 04:10:05 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-11-20 04:10:05 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-11-20 04:10:04 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-11-20 04:10:04 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-11-20 04:10:04 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-11-20 04:10:04 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-11-20 04:10:03 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-11-20 04:10:03 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-11-20 04:10:03 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-11-20 04:10:03 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-11-20 04:10:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-11-20 04:10:02 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-11-20 04:09:57 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-11-20 04:09:57 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-11-20 04:09:54 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-11-20 04:09:54 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-11-20 04:09:54 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-11-20 04:09:54 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-11-20 04:09:51 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-11-20 04:09:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-11-20 04:09:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-11-20 04:09:50 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-11-20 04:09:46 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-11-20 04:09:46 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-11-20 04:09:46 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-11-20 04:09:46 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-11-20 04:09:45 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-11-20 04:09:45 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-11-20 04:09:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-11-20 04:09:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-11-20 04:09:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-11-20 04:09:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-11-20 04:09:40 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-11-20 04:09:40 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-11-20 04:09:39 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-11-20 04:09:39 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-11-20 04:09:39 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-11-20 04:09:39 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-11-20 04:09:39 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-11-20 04:09:39 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-11-20 04:09:38 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-11-20 04:09:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-11-20 04:09:37 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-11-20 04:09:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-11-20 04:09:37 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-11-20 04:09:37 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-11-20 04:09:35 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-11-20 04:09:35 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-11-20 04:09:35 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-11-20 04:09:35 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-11-20 04:09:35 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-11-20 04:09:35 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-11-20 04:09:34 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-11-20 04:09:34 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-11-20 04:09:33 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-11-20 04:09:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-11-20 04:09:33 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-11-20 04:09:33 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-11-20 04:09:30 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-11-20 04:09:30 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-11-20 04:09:29 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-11-20 04:09:29 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-11-20 04:09:28 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-11-20 04:09:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-11-20 04:09:28 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-11-20 04:09:28 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-11-20 04:09:26 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-11-20 04:09:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-11-20 04:09:25 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-11-20 04:09:25 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-11-20 04:09:24 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-11-20 04:09:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-11-20 04:09:24 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-11-20 04:09:24 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-11-20 04:09:22 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-11-20 04:09:22 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-11-20 04:09:21 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-11-20 04:09:21 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-11-20 04:09:21 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-11-20 04:09:21 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-11-20 04:09:20 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-11-20 04:09:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-11-20 04:09:20 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-11-20 04:09:20 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-11-20 04:09:18 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-11-20 04:09:18 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-11-20 04:09:18 ----A---- C:\Windows\system32\xinput1_3.dll
2012-11-20 04:09:18 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-11-20 04:09:17 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-11-20 04:09:17 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-11-20 04:09:16 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-11-20 04:09:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-11-20 04:09:16 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-11-20 04:09:16 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-11-20 04:09:15 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-11-20 04:09:15 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-11-20 04:09:14 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-11-20 04:09:14 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-11-20 04:09:14 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-11-20 04:09:14 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-11-20 04:09:14 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-11-20 04:09:14 ----A---- C:\Windows\system32\d3dx10.dll
2012-11-20 04:09:12 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-11-20 04:09:12 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-11-20 04:09:11 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-11-20 04:09:11 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-11-20 04:09:11 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-11-20 04:09:11 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-11-20 04:09:10 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-11-20 04:09:10 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-11-20 04:09:10 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-11-20 04:09:10 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-11-20 04:09:09 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-11-20 04:09:09 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-11-20 04:09:09 ----A---- C:\Windows\system32\xinput1_2.dll
2012-11-20 04:09:09 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-11-20 04:09:08 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-11-20 04:09:08 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-11-20 04:09:08 ----A---- C:\Windows\system32\xinput1_1.dll
2012-11-20 04:09:08 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-11-20 04:09:01 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-11-20 04:09:01 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-11-20 04:08:58 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-11-20 04:08:58 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-11-20 04:08:58 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-11-20 04:08:58 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-11-20 04:08:56 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-11-20 04:08:56 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-11-20 04:08:54 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-11-20 04:08:54 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-11-20 04:08:51 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-11-20 04:08:51 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-11-20 04:08:49 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-11-20 04:08:49 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-11-20 04:08:46 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-11-20 04:08:46 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-11-20 04:08:42 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-11-20 04:08:42 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-11-18 17:02:15 ----A---- C:\Windows\system32\ricdb.ini
2012-11-18 17:02:14 ----D---- C:\ProgramData\RICOH
2012-11-18 17:01:55 ----D---- C:\Program Files (x86)\Y Soft
2012-11-18 17:01:55 ----A---- C:\Windows\system32\SafeQEvent.dll
2012-11-18 17:01:54 ----A---- C:\Windows\system32\SAFEQVS64.DLL
2012-11-18 17:01:54 ----A---- C:\Windows\system32\SafeQCairoLib64.DLL
2012-11-18 17:01:54 ----A---- C:\Windows\system32\SAFEQ64UI.DLL
2012-11-18 17:01:00 ----A---- C:\Windows\system32\ricA5Hlm.dll
2012-11-16 18:31:34 ----D---- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-11-16 01:06:50 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-16 01:06:50 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-16 01:06:50 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-16 01:00:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-16 01:00:25 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-16 01:00:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-16 01:00:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-16 01:00:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-16 01:00:24 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-16 01:00:24 ----A---- C:\Windows\system32\ieui.dll
2012-11-16 01:00:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-16 01:00:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-16 01:00:23 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-16 01:00:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-16 01:00:23 ----A---- C:\Windows\system32\urlmon.dll
2012-11-16 01:00:23 ----A---- C:\Windows\system32\url.dll
2012-11-16 01:00:23 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-16 01:00:23 ----A---- C:\Windows\system32\jscript9.dll
2012-11-16 01:00:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-16 01:00:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-16 01:00:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-16 01:00:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-16 01:00:22 ----A---- C:\Windows\system32\wininet.dll
2012-11-16 01:00:22 ----A---- C:\Windows\system32\vbscript.dll
2012-11-16 01:00:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-16 01:00:22 ----A---- C:\Windows\system32\jscript.dll
2012-11-16 01:00:22 ----A---- C:\Windows\system32\iertutil.dll
2012-11-16 01:00:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-16 01:00:20 ----A---- C:\Windows\system32\mshtml.dll
2012-11-16 01:00:20 ----A---- C:\Windows\system32\ieframe.dll
2012-11-16 01:00:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-16 00:56:47 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-16 00:56:47 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-16 00:56:45 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-16 00:56:45 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-16 00:56:45 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-16 00:56:44 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-16 00:56:44 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-15 14:53:35 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-15 14:53:34 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 14:53:34 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-15 14:53:34 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-15 14:53:32 ----A---- C:\Windows\system32\win32k.sys
2012-11-15 14:53:31 ----A---- C:\Windows\system32\ncsi.dll
2012-11-15 14:53:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-15 14:53:30 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-15 14:53:30 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-15 14:53:30 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-15 14:53:30 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-15 14:53:30 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-15 14:53:30 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-15 14:53:30 ----A---- C:\Windows\system32\netevent.dll
2012-11-15 14:53:30 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-15 14:53:30 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-15 14:53:30 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-15 14:53:09 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-15 14:53:09 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 10:20:29 ----D---- C:\Program Files (x86)\AMD APP

======List of files/folders modified in the last 1 month======

2012-11-22 06:29:06 ----D---- C:\Windows\Tasks
2012-11-22 06:29:06 ----D---- C:\Windows\SysWOW64
2012-11-22 06:29:06 ----D---- C:\Windows\system32\Tasks
2012-11-22 06:29:06 ----D---- C:\Windows\system32\DriverStore
2012-11-22 06:29:06 ----D---- C:\Windows\system32\drivers\etc
2012-11-22 06:29:06 ----D---- C:\Windows\system32\catroot2
2012-11-22 06:29:06 ----D---- C:\Windows\System32
2012-11-22 06:29:05 ----D---- C:\Windows\inf
2012-11-22 06:28:43 ----D---- C:\ProgramData\Norton
2012-11-22 06:28:39 ----D---- C:\Windows\registration
2012-11-22 06:28:15 ----RSD---- C:\Windows\assembly
2012-11-22 02:50:05 ----RD---- C:\Program Files
2012-11-22 02:49:59 ----D---- C:\Windows\Temp
2012-11-22 02:21:29 ----A---- C:\Windows\SYSWOW64\log.txt
2012-11-22 02:19:58 ----D---- C:\Program Files (x86)\Steam
2012-11-22 02:18:22 ----D---- C:\Windows
2012-11-22 02:10:29 ----D---- C:\Windows\system32\config
2012-11-22 01:59:49 ----SD---- C:\ProgramData\Microsoft
2012-11-22 01:41:39 ----D---- C:\Windows\system32\LogFiles
2012-11-22 00:53:38 ----SHD---- C:\System Volume Information
2012-11-21 22:33:08 ----D---- C:\ProgramData\GarenaMessenger
2012-11-21 22:33:06 ----D---- C:\Users\Jozo\AppData\Roaming\GarenaPlus
2012-11-21 21:35:46 ----RD---- C:\Program Files (x86)
2012-11-21 21:34:23 ----D---- C:\Users\Jozo\AppData\Roaming\Skype
2012-11-21 21:20:49 ----D---- C:\Windows\SoftwareDistribution
2012-11-21 20:14:55 ----D---- C:\Windows\Prefetch
2012-11-20 23:42:58 ----D---- C:\Windows\Logs
2012-11-20 17:11:11 ----D---- C:\Users\Jozo\AppData\Roaming\Identities
2012-11-20 15:52:55 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-11-20 15:52:54 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-11-20 15:49:32 ----D---- C:\Users\Jozo\AppData\Roaming\DAEMON Tools Pro
2012-11-20 04:51:36 ----SHD---- C:\Windows\Installer
2012-11-20 04:11:09 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-19 23:05:23 ----D---- C:\Windows\rescache
2012-11-18 17:02:14 ----HD---- C:\ProgramData
2012-11-17 18:30:39 ----D---- C:\Windows\Microsoft.NET
2012-11-16 18:37:00 ----D---- C:\Windows\Help
2012-11-16 18:36:53 ----D---- C:\Windows\winsxs
2012-11-16 18:33:03 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-11-16 18:30:23 ----D---- C:\SWSetup
2012-11-16 11:47:46 ----D---- C:\Windows\debug
2012-11-16 09:59:56 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-16 09:59:56 ----D---- C:\Windows\system32\en-US
2012-11-16 09:59:55 ----D---- C:\Windows\system32\wbem
2012-11-16 09:59:55 ----D---- C:\Windows\system32\drivers\en-US
2012-11-16 09:59:55 ----D---- C:\Windows\system32\drivers
2012-11-16 09:59:53 ----D---- C:\Windows\SYSWOW64\migration
2012-11-16 09:59:53 ----D---- C:\Windows\system32\migration
2012-11-16 09:59:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 09:59:50 ----D---- C:\Program Files\Internet Explorer
2012-11-16 09:59:41 ----D---- C:\Windows\system32\sk-SK
2012-11-16 09:59:39 ----RSD---- C:\Windows\Fonts
2012-11-16 01:09:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-16 01:07:04 ----D---- C:\Windows\system32\catroot
2012-11-16 00:57:59 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 14:51:00 ----D---- C:\Users\Jozo\AppData\Roaming\codeblocks
2012-11-08 04:01:37 ----D---- C:\Program Files (x86)\Garena Plus
2012-11-04 18:38:20 ----D---- C:\ProgramData\Skype
2012-11-04 11:16:38 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-04-25 30488]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1309000.009\SYMDS64.SYS [2011-08-15 451192]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1309000.009\SYMEFA64.SYS [2012-05-22 1129120]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-24 1384608]
R1 ccSet_NAV;Norton AntiVirus Settings Manager; C:\Windows\system32\drivers\NAVx64\1309000.009\ccSetx64.sys [2012-06-07 167072]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-04 271424]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2012-11-12 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20121120.001\IDSvia64.sys [2012-09-01 513184]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1309000.009\SRTSP64.SYS [2012-07-06 737952]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1309000.009\SRTSPX64.SYS [2012-07-06 37536]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1309000.009\Ironx64.SYS [2012-04-18 190072]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NAVx64\1309000.009\SYMNETS.SYS [2012-04-18 405624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-04-05 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-04-05 43680]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-04-25 43800]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-10-29 3065408]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20121121.004\ENG64.SYS [2012-11-21 126112]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20121121.004\EX64.SYS [2012-11-21 2084000]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-06-02 528384]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2012-07-13 175736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 239616]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-09 325912]
R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe [2012-06-16 138272]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-20 75136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-09 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-05 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15713
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Windows keeps crashing

#2 Post by JaRon »

Move ComboFix
to the desktop (if it is not there already).

Open Notepad.

Copy the script from the following box into it:

Code:

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Explorer"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Windows Explorer"=-

File::
C:\Users\Jozo\Drivers\msconfig.exe 


Save the resulting text file to the desktop as CFScript.txt.

After saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

Once it has run, another log should be created; paste it here :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
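
The CFScript in post #2 removes a Run value named "Windows Explorer" and a file called msconfig.exe that sits in a user-profile folder rather than in C:\Windows\System32. As an added example (not part of the original posts, and not ComboFix or RSIT code), the following Python check flags that pattern in RSIT-style Run-key lines. The sample log, the pairing of the Run value with that file, the dates and sizes, and the short binary list are constructed assumptions.

```python
import re
from pathlib import PureWindowsPath

# Illustrative, deliberately short map of Windows binaries to the folders
# they legitimately live in (assumption: default C:\Windows installation).
SYSTEM_BINARIES = {
    "msconfig.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows", r"c:\windows\syswow64"},
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
}

# Autorun value names that imitate an OS component, mapped to the only
# executable that should be behind such a label (hypothetical helper table).
COMPONENT_LABELS = {"windows explorer": "explorer.exe"}

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"=(?P<data>.*)$')
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.I)
# First drive-letter path ending in an executable extension; tolerates
# surrounding quotes, arguments and the trailing "[date size]" field.
EXE_RE = re.compile(r'[A-Za-z]:\\.*?\.(?:exe|com|scr|bat|cmd)(?=["\s]|$)', re.I)

# Constructed sample in the "[key]" / "name"=data layout used by the log.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Windows Explorer"=C:\Users\Jozo\Drivers\msconfig.exe [2012-11-20 100000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Explorer"=C:\Users\Jozo\Drivers\msconfig.exe [2012-11-20 100000]
"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
'''


def parse_autoruns(text):
    """Return (key, value_name, exe_path) for every Run/RunOnce value."""
    entries, key = [], None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if not (m and key and RUN_KEY_RE.search(key)):
            continue
        exe = EXE_RE.search(m.group("data"))
        if exe:  # values without an absolute path are skipped here
            entries.append((key, m.group("name"), exe.group(0)))
    return entries


def masquerade_findings(entries):
    """Flag autoruns that borrow a system file name or component label."""
    findings = []
    for key, name, path in entries:
        p = PureWindowsPath(path)
        exe, folder = p.name.lower(), str(p.parent).lower()
        reasons = []
        homes = SYSTEM_BINARIES.get(exe)
        if homes is not None and folder not in homes:
            reasons.append("system binary name outside its home directory")
        expected = COMPONENT_LABELS.get(name.lower())
        if expected and exe != expected:
            reasons.append("value name imitates " + expected)
        if reasons:
            findings.append(
                {"key": key, "name": name, "path": path, "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for f in masquerade_findings(parse_autoruns(SAMPLE_LOG)):
        print(f["key"], "|", f["name"], "->", f["path"])
        for reason in f["reasons"]:
            print("   -", reason)
```
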

#3 Post by JozoSVK »

Well, I did what you asked, and Windows crashed again when ComboFix started. If I can't get this solved somehow, I'll probably reinstall the whole of Windows or something... Norton keeps reporting malware, and when I tell it to fix it, the system crashes as well. I've already run System Restore twice and uninstalled just about everything I installed in the last month, and nothing, still the same.

#4 Post by JaRon »

Try, in Safe Mode, to DELETE or at least rename the file C:\Users\Jozo\Drivers\msconfig.exe
and then restart.

#5 Post by JozoSVK »

Hmm, in C:\Users\Jozo I don't have any Drivers folder, and when I type C:\Users\Jozo\Drivers into Explorer I do get there, but then I don't see msconfig.exe in it. This is exactly the file my antivirus keeps catching, but I can't get to it, and when I tell it to fix it, then...

#6 Post by JaRon »

Use Avenger; its script:
Files to delete:
C:\Users\Jozo\Drivers\msconfig.exe

#7 Post by JozoSVK »

And does that need to be done in Safe Mode too?

#8 Post by JaRon »

It basically doesn't matter, wherever it works :) The main thing is to DELETE that file.

#9 Post by JozoSVK »

When I paste it in, it says invalid script.

#10 Post by JaRon »

The script has two lines. Did you check whether it has a trailing space at the end after copying? :???:

#11 Post by JozoSVK »

OK, I hadn't noticed that the "Files to delete" line has to go in there :). So first I tried deleting it in normal mode, but on restart I got the blue screen again. Then I ran it in Safe Mode and hopefully deleted it. I'll see whether the problem persists; in any case, thanks for the advice.

#12 Post by JaRon »

Don't say goodbye just yet :!: Scan the PC with MBAM; a quick scan is enough :)

#13 Post by JozoSVK »

So first I ran a quick scan and it found 7 viruses, which I had it remove, and the PC restarted. Even so, a blue screen popped up during that. Then I ran a full scan, which found another 6; I had those removed, and for the first time in three days the system shut down (restarted) normally without crashing. Everything looks OK now, so thank you very much for the help; I was already about to reinstall Windows. Thanks again, I owe you one .)

#14 Post by JaRon »

You're welcome :)