Pomalý notebook

Zpráva

zeroboyko · #1 Příspěvek od **zeroboyko** » 05 pro 2012 19:07

Zdravím mám tu spolubývajúceho notebook, ktorý ide strašne pomaly. Niektoré vecism už dal preč ale stále to nie je ono...ďakujem za kontrolu

Logfile of random's system information tool 1.09 (written by random/random)
Run by HP at 2012-12-05 19:04:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 510 GB (87%) free of 589 GB
Total RAM: 3552 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:06:25, on 5. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=APN10374&gct=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 1F74F24ED5}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\HP\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Mp3Tube Toolbar - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - "C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL" (file missing)
O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: NHL® 09 Registration.lnk = C:\Program Files (x86)\EA SPORTS\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\25911~1.18\{c16c1~1\mngr.dll c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 16684 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 38548560
\??\C:\windows\system32\conhost.exe "1532174202614269531-7727984535613660931411667902-377159461-2113736809-874106402
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\windows\system32\schtasks.exe" /create /tn "Browser Manager" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\windows\system32\sc.exe start Browser Manager" /st 00:00:00
\??\C:\windows\system32\conhost.exe "-646210627-1055978068-713315439-129694946-19137528301055361587373394623-850502136
"C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe" /PROTECT
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /c /a /s UserSession
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5032
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\msiexec.exe /V
C:\windows\system32\UI0Detect.exe
C:\windows\System32\svchost.exe -k swprv
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4892.1.429138325\1192124402" --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9647 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.836.1.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="4892.4.997026782\1213048191" /prefetch:3
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4892.5.1502276924\1338754344" --lang=sk --ignored=" --type=renderer " /prefetch:13
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="4892.9.815757981\1775731891" /prefetch:3
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="4892.10.1274219056\1271841776" /prefetch:3
"C:\Users\HP\Downloads\RSITx64.exe"
taskeng.exe {09D81C3A-CD7E-4958-BFAE-341B52C12425}
"C:\Users\HP\Downloads\RSITx64.exe"
taskmgr.exe /3

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1173708772-296913588-2900899520-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1173708772-296913588-2900899520-1001UA.job
C:\windows\tasks\HP Photo Creations Communicator.job
C:\windows\tasks\HPCeeScheduleForHP.job
C:\windows\tasks\hpwebreg_CN2271P00D05QT.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\HP\AppData\Roaming\Complitly\64\Complitly64.dll [2012-02-02 167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\HP\AppData\Roaming\Complitly\Complitly.dll [2012-02-02 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-21 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-05-10 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll [2012-11-28 1230216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-10-24 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-21 270336]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{46897C77-E7A6-4c33-BFFB-E9C2E2718942} - Mp3Tube Toolbar - C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL [2011-04-29 1070592]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll [2012-11-28 1230216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-12 2887440]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-07-11 1424896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-19 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-04-22 658424]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-26 336384]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
"HPQuickWebProxy"=c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-08-09 169528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-11-28 1123720]

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NHL® 09 Registration.lnk - C:\Program Files (x86)\EA SPORTS\NHL 09\Support\EAregister.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-05 19:02:51 ----D---- C:\rsit
2012-12-05 19:02:51 ----D---- C:\Program Files\trend micro
2012-12-01 19:23:27 ----D---- C:\Program Files (x86)\Application Updater
2012-12-01 19:23:26 ----D---- C:\Program Files (x86)\YTD Toolbar
2012-11-24 19:45:00 ----A---- C:\windows\SYSWOW64\shoB6A.tmp
2012-11-24 19:11:25 ----D---- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-11-24 13:45:03 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-11-24 13:43:59 ----D---- C:\ProgramData\Microsoft Help
2012-11-24 13:43:41 ----RHD---- C:\MSOCache
2012-11-19 19:42:29 ----D---- C:\Program Files\CCleaner
2012-11-18 23:26:41 ----A---- C:\windows\SYSWOW64\XAudio2_7.dll
2012-11-18 23:26:41 ----A---- C:\windows\SYSWOW64\XAPOFX1_5.dll
2012-11-18 23:26:41 ----A---- C:\windows\system32\XAudio2_7.dll
2012-11-18 23:26:41 ----A---- C:\windows\system32\XAPOFX1_5.dll
2012-11-18 23:26:40 ----A---- C:\windows\SYSWOW64\xactengine3_7.dll
2012-11-18 23:26:40 ----A---- C:\windows\system32\xactengine3_7.dll
2012-11-18 23:26:39 ----A---- C:\windows\SYSWOW64\d3dcsx_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\SYSWOW64\D3DCompiler_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\system32\d3dcsx_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\system32\D3DCompiler_43.dll
2012-11-18 23:26:38 ----A---- C:\windows\SYSWOW64\d3dx11_43.dll
2012-11-18 23:26:38 ----A---- C:\windows\system32\d3dx11_43.dll
2012-11-18 23:26:37 ----A---- C:\windows\SYSWOW64\d3dx10_43.dll
2012-11-18 23:26:37 ----A---- C:\windows\system32\d3dx10_43.dll
2012-11-18 23:26:36 ----A---- C:\windows\SYSWOW64\D3DX9_43.dll
2012-11-18 23:26:36 ----A---- C:\windows\system32\D3DX9_43.dll
2012-11-18 23:26:35 ----A---- C:\windows\SYSWOW64\XAudio2_6.dll
2012-11-18 23:26:35 ----A---- C:\windows\SYSWOW64\XAPOFX1_4.dll
2012-11-18 23:26:35 ----A---- C:\windows\system32\XAudio2_6.dll
2012-11-18 23:26:35 ----A---- C:\windows\system32\XAPOFX1_4.dll
2012-11-18 23:26:34 ----A---- C:\windows\SYSWOW64\xactengine3_6.dll
2012-11-18 23:26:34 ----A---- C:\windows\system32\xactengine3_6.dll
2012-11-18 23:26:33 ----A---- C:\windows\SYSWOW64\X3DAudio1_7.dll
2012-11-18 23:26:33 ----A---- C:\windows\system32\X3DAudio1_7.dll
2012-11-18 23:26:31 ----A---- C:\windows\system32\XAudio2_5.dll
2012-11-18 23:26:30 ----A---- C:\windows\SYSWOW64\xactengine3_5.dll
2012-11-18 23:26:30 ----A---- C:\windows\system32\xactengine3_5.dll
2012-11-18 23:26:29 ----A---- C:\windows\SYSWOW64\D3DCompiler_42.dll
2012-11-18 23:26:29 ----A---- C:\windows\system32\D3DCompiler_42.dll
2012-11-18 23:26:28 ----A---- C:\windows\SYSWOW64\d3dcsx_42.dll
2012-11-18 23:26:28 ----A---- C:\windows\system32\d3dcsx_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\SYSWOW64\D3DX9_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\SYSWOW64\d3dx11_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\system32\D3DX9_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\system32\d3dx11_42.dll
2012-11-18 23:26:26 ----A---- C:\windows\system32\d3dx10_41.dll
2012-11-18 23:26:26 ----A---- C:\windows\system32\D3DCompiler_41.dll
2012-11-18 23:26:25 ----A---- C:\windows\SYSWOW64\D3DX9_41.dll
2012-11-18 23:26:25 ----A---- C:\windows\system32\D3DX9_41.dll
2012-11-18 23:26:23 ----A---- C:\windows\SYSWOW64\XAudio2_4.dll
2012-11-18 23:26:23 ----A---- C:\windows\system32\XAudio2_4.dll
2012-11-18 23:26:23 ----A---- C:\windows\system32\XAPOFX1_3.dll
2012-11-18 23:26:22 ----A---- C:\windows\SYSWOW64\xactengine3_4.dll
2012-11-18 23:26:22 ----A---- C:\windows\system32\xactengine3_4.dll
2012-11-18 23:26:21 ----A---- C:\windows\SYSWOW64\X3DAudio1_6.dll
2012-11-18 23:26:21 ----A---- C:\windows\system32\X3DAudio1_6.dll
2012-11-18 23:26:20 ----A---- C:\windows\SYSWOW64\d3dx10_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\SYSWOW64\D3DCompiler_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\system32\d3dx10_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\system32\D3DCompiler_40.dll
2012-11-18 23:26:19 ----A---- C:\windows\SYSWOW64\D3DX9_40.dll
2012-11-18 23:26:19 ----A---- C:\windows\system32\D3DX9_40.dll
2012-11-18 23:26:17 ----A---- C:\windows\SYSWOW64\XAudio2_3.dll
2012-11-18 23:26:17 ----A---- C:\windows\SYSWOW64\XAPOFX1_2.dll
2012-11-18 23:26:17 ----A---- C:\windows\system32\XAudio2_3.dll
2012-11-18 23:26:17 ----A---- C:\windows\system32\XAPOFX1_2.dll
2012-11-18 23:26:16 ----A---- C:\windows\SYSWOW64\xactengine3_3.dll
2012-11-18 23:26:16 ----A---- C:\windows\system32\xactengine3_3.dll
2012-11-18 23:26:15 ----A---- C:\windows\SYSWOW64\X3DAudio1_5.dll
2012-11-18 23:26:15 ----A---- C:\windows\system32\X3DAudio1_5.dll
2012-11-18 23:26:13 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2012-11-18 23:26:13 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2012-11-18 23:26:13 ----A---- C:\windows\system32\XAudio2_2.dll
2012-11-18 23:26:13 ----A---- C:\windows\system32\XAPOFX1_1.dll
2012-11-18 23:26:12 ----A---- C:\windows\SYSWOW64\xactengine3_2.dll
2012-11-18 23:26:12 ----A---- C:\windows\system32\xactengine3_2.dll
2012-11-18 23:26:10 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\system32\d3dx10_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\system32\D3DCompiler_39.dll
2012-11-18 23:26:08 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2012-11-18 23:26:08 ----A---- C:\windows\system32\D3DX9_39.dll
2012-11-18 23:24:29 ----HD---- C:\windows\msdownld.tmp
2012-11-18 23:24:20 ----D---- C:\windows\SYSWOW64\directx
2012-11-18 22:25:55 ----D---- C:\Program Files (x86)\Mafia II Kompletní Edice
2012-11-18 15:00:35 ----D---- C:\windows\CheckSur
2012-11-16 11:23:12 ----D---- C:\Users\HP\AppData\Roaming\Leadertech
2012-11-16 11:19:14 ----A---- C:\windows\SYSWOW64\XAPOFX1_0.dll
2012-11-16 11:19:14 ----A---- C:\windows\system32\XAPOFX1_0.dll
2012-11-16 11:19:13 ----A---- C:\windows\SYSWOW64\XAudio2_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\SYSWOW64\xactengine3_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\system32\XAudio2_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\system32\xactengine3_1.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\X3DAudio1_4.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\d3dx10_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\D3DCompiler_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\X3DAudio1_4.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\d3dx10_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\D3DCompiler_38.dll
2012-11-16 11:19:11 ----A---- C:\windows\SYSWOW64\D3DX9_38.dll
2012-11-16 11:19:11 ----A---- C:\windows\system32\D3DX9_38.dll
2012-11-16 11:19:10 ----A---- C:\windows\SYSWOW64\XAudio2_0.dll
2012-11-16 11:19:10 ----A---- C:\windows\system32\XAudio2_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\SYSWOW64\xactengine3_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\SYSWOW64\X3DAudio1_3.dll
2012-11-16 11:19:09 ----A---- C:\windows\system32\xactengine3_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\system32\X3DAudio1_3.dll
2012-11-16 11:19:08 ----A---- C:\windows\SYSWOW64\d3dx10_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\SYSWOW64\D3DCompiler_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\system32\d3dx10_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\system32\D3DCompiler_37.dll
2012-11-16 11:19:07 ----A---- C:\windows\SYSWOW64\D3DX9_37.dll
2012-11-16 11:19:07 ----A---- C:\windows\system32\D3DX9_37.dll
2012-11-16 11:19:06 ----A---- C:\windows\SYSWOW64\xactengine2_10.dll
2012-11-16 11:19:06 ----A---- C:\windows\system32\xactengine2_10.dll
2012-11-16 11:19:05 ----A---- C:\windows\SYSWOW64\d3dx10_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\SYSWOW64\D3DCompiler_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\system32\d3dx10_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\system32\D3DCompiler_36.dll
2012-11-16 11:19:04 ----A---- C:\windows\SYSWOW64\d3dx9_36.dll
2012-11-16 11:19:04 ----A---- C:\windows\system32\d3dx9_36.dll
2012-11-16 11:19:03 ----A---- C:\windows\SYSWOW64\xactengine2_9.dll
2012-11-16 11:19:03 ----A---- C:\windows\system32\xactengine2_9.dll
2012-11-16 11:19:02 ----A---- C:\windows\SYSWOW64\d3dx10_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\SYSWOW64\D3DCompiler_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\system32\d3dx10_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\system32\D3DCompiler_35.dll
2012-11-16 11:19:01 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2012-11-16 11:19:01 ----A---- C:\windows\system32\d3dx9_35.dll
2012-11-16 11:19:00 ----A---- C:\windows\SYSWOW64\xactengine2_8.dll
2012-11-16 11:19:00 ----A---- C:\windows\SYSWOW64\X3DAudio1_2.dll
2012-11-16 11:19:00 ----A---- C:\windows\system32\xactengine2_8.dll
2012-11-16 11:19:00 ----A---- C:\windows\system32\X3DAudio1_2.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\d3dx9_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\d3dx10_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\D3DCompiler_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\d3dx9_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\d3dx10_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\D3DCompiler_34.dll
2012-11-16 11:18:58 ----A---- C:\windows\SYSWOW64\xinput1_3.dll
2012-11-16 11:18:58 ----A---- C:\windows\system32\xinput1_3.dll
2012-11-16 11:18:57 ----A---- C:\windows\SYSWOW64\xactengine2_7.dll
2012-11-16 11:18:57 ----A---- C:\windows\system32\xactengine2_7.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\d3dx9_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\d3dx10_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\D3DCompiler_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\d3dx9_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\d3dx10_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\D3DCompiler_33.dll
2012-11-16 11:18:55 ----A---- C:\windows\SYSWOW64\xactengine2_6.dll
2012-11-16 11:18:55 ----A---- C:\windows\system32\xactengine2_6.dll
2012-11-16 11:18:53 ----A---- C:\windows\SYSWOW64\xactengine2_5.dll
2012-11-16 11:18:53 ----A---- C:\windows\SYSWOW64\d3dx10.dll
2012-11-16 11:18:53 ----A---- C:\windows\system32\xactengine2_5.dll
2012-11-16 11:18:53 ----A---- C:\windows\system32\d3dx10.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\xactengine2_4.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\x3daudio1_1.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\d3dx9_31.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\xactengine2_4.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\x3daudio1_1.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\d3dx9_31.dll
2012-11-16 11:18:49 ----A---- C:\windows\SYSWOW64\xactengine2_3.dll
2012-11-16 11:18:49 ----A---- C:\windows\system32\xactengine2_3.dll
2012-11-16 11:18:48 ----A---- C:\windows\SYSWOW64\xinput1_2.dll
2012-11-16 11:18:48 ----A---- C:\windows\system32\xinput1_2.dll
2012-11-16 11:18:47 ----A---- C:\windows\SYSWOW64\xinput1_1.dll
2012-11-16 11:18:47 ----A---- C:\windows\SYSWOW64\xactengine2_2.dll
2012-11-16 11:18:47 ----A---- C:\windows\system32\xinput1_1.dll
2012-11-16 11:18:47 ----A---- C:\windows\system32\xactengine2_2.dll
2012-11-16 11:18:46 ----A---- C:\windows\SYSWOW64\xactengine2_1.dll
2012-11-16 11:18:46 ----A---- C:\windows\system32\xactengine2_1.dll
2012-11-16 11:18:38 ----A---- C:\windows\SYSWOW64\d3dx9_30.dll
2012-11-16 11:18:38 ----A---- C:\windows\system32\d3dx9_30.dll
2012-11-16 11:18:37 ----A---- C:\windows\SYSWOW64\xactengine2_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\SYSWOW64\x3daudio1_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\system32\xactengine2_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\system32\x3daudio1_0.dll
2012-11-16 11:18:36 ----A---- C:\windows\SYSWOW64\d3dx9_29.dll
2012-11-16 11:18:36 ----A---- C:\windows\system32\d3dx9_29.dll
2012-11-16 11:18:35 ----A---- C:\windows\SYSWOW64\d3dx9_28.dll
2012-11-16 11:18:35 ----A---- C:\windows\system32\d3dx9_28.dll
2012-11-16 11:18:34 ----A---- C:\windows\SYSWOW64\d3dx9_27.dll
2012-11-16 11:18:34 ----A---- C:\windows\SYSWOW64\d3dx9_26.dll
2012-11-16 11:18:34 ----A---- C:\windows\system32\d3dx9_27.dll
2012-11-16 11:18:34 ----A---- C:\windows\system32\d3dx9_26.dll
2012-11-16 11:18:33 ----A---- C:\windows\SYSWOW64\d3dx9_25.dll
2012-11-16 11:18:33 ----A---- C:\windows\system32\d3dx9_25.dll
2012-11-16 11:18:32 ----A---- C:\windows\SYSWOW64\d3dx9_24.dll
2012-11-16 11:18:32 ----A---- C:\windows\system32\d3dx9_24.dll
2012-11-16 08:03:48 ----D---- C:\Program Files (x86)\Conduit
2012-11-16 08:03:18 ----D---- C:\Program Files (x86)\uTorrent
2012-11-16 08:02:08 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2012-11-15 23:41:43 ----A---- C:\windows\system32\Wdfres.dll
2012-11-15 23:41:43 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-15 23:41:43 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-15 23:34:56 ----A---- C:\windows\system32\mshtmled.dll
2012-11-15 23:34:55 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-15 23:34:54 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-15 23:34:54 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-15 23:34:54 ----A---- C:\windows\system32\ieui.dll
2012-11-15 23:34:53 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-15 23:34:53 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-15 23:34:53 ----A---- C:\windows\system32\url.dll
2012-11-15 23:34:53 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-15 23:34:52 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-15 23:34:52 ----A---- C:\windows\system32\urlmon.dll
2012-11-15 23:34:51 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-15 23:34:51 ----A---- C:\windows\system32\msfeeds.dll
2012-11-15 23:34:51 ----A---- C:\windows\system32\jscript9.dll
2012-11-15 23:34:50 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-15 23:34:49 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-15 23:34:49 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\wininet.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\vbscript.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\jsproxy.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\jscript.dll
2012-11-15 23:34:48 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-15 23:34:48 ----A---- C:\windows\system32\iertutil.dll
2012-11-15 23:34:47 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-15 23:34:45 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-15 23:34:44 ----A---- C:\windows\system32\mshtml.dll
2012-11-15 23:34:43 ----A---- C:\windows\system32\ieframe.dll
2012-11-15 23:34:42 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-15 14:20:49 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-15 14:20:49 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-15 14:20:46 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-15 14:20:46 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFx.dll
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-15 12:37:57 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-15 12:37:56 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 12:37:56 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-15 12:37:56 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-15 12:37:52 ----A---- C:\windows\system32\win32k.sys
2012-11-15 12:37:50 ----A---- C:\windows\system32\ncsi.dll
2012-11-15 12:37:50 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-15 12:37:49 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-15 12:37:49 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\nlasvc.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\netcorehc.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-15 12:37:48 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-15 12:37:48 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\nlaapi.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\netevent.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-15 12:37:34 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-15 12:37:34 ----A---- C:\windows\system32\synceng.dll
2012-11-09 21:25:33 ----D---- C:\Program Files (x86)\EA SPORTS
2012-11-09 19:12:42 ----D---- C:\Program Files (x86)\Mp3Tube Toolbar
2012-11-09 19:06:04 ----D---- C:\Program Files (x86)\Yontoo
2012-11-09 19:05:50 ----D---- C:\ProgramData\Tarma Installer
2012-11-09 19:03:16 ----D---- C:\Program Files (x86)\SweetIM
2012-11-09 19:00:02 ----D---- C:\Users\HP\AppData\Roaming\Mozilla
2012-11-09 18:59:58 ----D---- C:\Program Files (x86)\TornTV.com
2012-11-09 17:36:28 ----D---- C:\windows\SYSWOW64\searchplugins
2012-11-09 17:36:28 ----D---- C:\windows\SYSWOW64\Extensions
2012-11-09 17:36:24 ----D---- C:\ProgramData\Browser Manager
2012-11-09 17:35:25 ----D---- C:\Users\HP\AppData\Roaming\Babylon
2012-11-09 17:35:25 ----D---- C:\ProgramData\Babylon

======List of files/folders modified in the last 1 month======

2012-12-05 19:03:10 ----D---- C:\windows\Temp
2012-12-05 19:02:51 ----D---- C:\Program Files
2012-12-05 19:01:13 ----SHD---- C:\windows\Installer
2012-12-05 19:01:13 ----SHD---- C:\Config.Msi
2012-12-05 19:00:57 ----SHD---- C:\System Volume Information
2012-12-05 19:00:30 ----HD---- C:\ProgramData
2012-12-05 18:56:50 ----RD---- C:\Program Files (x86)
2012-12-05 18:56:47 ----D---- C:\windows\Prefetch
2012-12-05 18:51:18 ----SD---- C:\ProgramData\Microsoft
2012-12-05 18:51:18 ----D---- C:\Program Files (x86)\Microsoft
2012-12-05 18:48:28 ----D---- C:\windows\system32\Tasks
2012-12-05 18:33:01 ----D---- C:\windows\System32
2012-12-05 18:33:01 ----D---- C:\windows\inf
2012-12-05 18:33:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-12-05 16:54:33 ----D---- C:\windows\system32\config
2012-12-05 16:40:46 ----D---- C:\ProgramData\PDFC
2012-12-03 12:04:33 ----D---- C:\Users\HP\AppData\Roaming\SoftGrid Client
2012-12-02 12:38:07 ----D---- C:\windows\rescache
2012-12-01 19:23:26 ----D---- C:\Program Files (x86)\Common Files
2012-11-30 20:40:38 ----D---- C:\windows\system32\catroot2
2012-11-30 08:32:16 ----D---- C:\windows\winsxs
2012-11-30 08:31:16 ----D---- C:\windows\AppPatch
2012-11-30 08:31:12 ----D---- C:\Windows
2012-11-30 01:55:12 ----D---- C:\windows\SysWOW64
2012-11-30 01:53:29 ----A---- C:\windows\win.ini
2012-11-29 10:12:37 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2012-11-29 10:03:55 ----D---- C:\windows\system32\catroot
2012-11-28 22:56:12 ----D---- C:\Users\HP\AppData\Roaming\Skype
2012-11-28 22:46:31 ----D---- C:\windows\system32\drivers
2012-11-28 22:46:29 ----D---- C:\windows\system32\drivers\UMDF
2012-11-25 11:57:57 ----D---- C:\windows\Microsoft.NET
2012-11-25 11:57:31 ----RSD---- C:\windows\assembly
2012-11-25 11:15:27 ----RSD---- C:\windows\Fonts
2012-11-25 11:15:17 ----D---- C:\windows\ShellNew
2012-11-25 11:14:21 ----D---- C:\Program Files (x86)\Microsoft Office
2012-11-25 11:14:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-11-24 19:21:53 ----D---- C:\windows\Tasks
2012-11-24 19:20:33 ----D---- C:\windows\Help
2012-11-24 19:18:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-24 19:16:41 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-11-24 19:09:08 ----D---- C:\swsetup
2012-11-24 13:44:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-19 19:43:56 ----D---- C:\windows\Panther
2012-11-19 19:43:48 ----D---- C:\windows\Logs
2012-11-19 19:43:47 ----D---- C:\windows\debug
2012-11-16 11:04:27 ----D---- C:\ProgramData\WinZip
2012-11-16 07:32:32 ----D---- C:\windows\SYSWOW64\en-US
2012-11-16 07:32:31 ----D---- C:\windows\system32\wbem
2012-11-16 07:32:31 ----D---- C:\windows\system32\en-US
2012-11-16 07:32:31 ----D---- C:\windows\system32\drivers\en-US
2012-11-16 07:32:29 ----D---- C:\windows\SYSWOW64\migration
2012-11-16 07:32:29 ----D---- C:\windows\system32\migration
2012-11-16 07:32:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 07:32:28 ----D---- C:\Program Files\Internet Explorer
2012-11-15 23:32:33 ----A---- C:\windows\system32\MRT.exe
2012-11-15 21:48:18 ----D---- C:\windows\system32\sk-SK
2012-11-15 10:23:13 ----D---- C:\windows\system32\drivers\etc
2012-11-09 19:22:31 ----D---- C:\windows\Resources

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-02-28 29976]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-08-09 945200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-08-13 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110323.001\IDSvia64.sys [2011-03-23 476792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-02-28 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 9263104]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 300544]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2011-04-08 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\windows\system32\DRIVERS\stwrt64.sys [2012-07-11 535040]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2012-04-19 174200]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-05-12 425232]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-09 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS [2010-08-13 117808]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS [2010-08-13 1791536]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [2011-03-31 744568]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2012-07-11 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-05-25 204288]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-11-28 793600]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 Browser Manager;Browser Manager; C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-11-12 2402840]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-02-28 31000]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-04-22 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2012-07-11 308736]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 250808]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-09 464440]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-04-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 05 pro 2012 20:03

Také zdravím!
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

zeroboyko · #3 Příspěvek od **zeroboyko** » 06 pro 2012 13:06

# AdwCleaner v2.011 - Logfile created 12/06/2012 at 13:05:32
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : HP - HP-HP
# Boot Mode : Normal
# Running from : C:\Users\HP\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

Found : Application Updater
Found : Browser Manager

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\Common Files\spigot
Folder Found : C:\Program Files (x86)\Complitly
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\incredibar.com
Folder Found : C:\Program Files (x86)\Mp3Tube Toolbar
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\Yontoo
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\HP\AppData\Local\APN
Folder Found : C:\Users\HP\AppData\Local\Conduit
Folder Found : C:\Users\HP\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\HP\AppData\LocalLow\Conduit
Folder Found : C:\Users\HP\AppData\LocalLow\Search Settings
Folder Found : C:\Users\HP\AppData\Roaming\Babylon
Folder Found : C:\Users\HP\AppData\Roaming\Complitly
Folder Found : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\25911~1.18\{c16c1~1\mngr.dll
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\Software\Mp3Tube
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-1173708772-296913588-2900899520-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\S-1-5-21-1173708772-296913588-2900899520-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKU\S-1-5-21-1173708772-296913588-2900899520-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D0F4A166-B8D4-48b8-9D63-80849FE137CB}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/?l=dis&o=APN10374&gct=hp
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10039&st=12&barid={C4A9285A-2A97-11E2-B8FF-101F74F24ED5}

-\\ Google Chrome v23.0.1271.95

File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.9] : homepage = "hxxp://www.ask.com/?l=dis&o=APN10374cr&gct=hp",
Found [l.13] : urls_to_restore_on_startup = [ "hxxp://mystart.incredibar.com/mb133?a=6OyzrmhgVR&i=26" ]
Found [l.1909] : homepage = "hxxp://www.ask.com/?l=dis&o=APN10374cr&gct=hp",
Found [l.2289] : urls_to_restore_on_startup = [ "hxxp://mystart.incredibar.com/mb133?a=6OyzrmhgVR&i=26" ]

*************************

AdwCleaner[R1].txt - [18759 octets] - [06/12/2012 13:05:32]

########## EOF - C:\AdwCleaner[R1].txt - [18820 octets] ##########

#4 Příspěvek od **Rudy** » 06 pro 2012 19:10

Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

zeroboyko · #5 Příspěvek od **zeroboyko** » 09 pro 2012 21:22

# AdwCleaner v2.011 - Logfile created 12/09/2012 at 21:19:29
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : HP - HP-HP
# Boot Mode : Normal
# Running from : C:\Users\HP\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : Application Updater
Stopped & Deleted : Browser Manager

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Complitly
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\incredibar.com
Folder Deleted : C:\Program Files (x86)\Mp3Tube Toolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\HP\AppData\Local\APN
Folder Deleted : C:\Users\HP\AppData\Local\Conduit
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Folder Deleted : C:\Users\HP\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\HP\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\HP\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\HP\AppData\Roaming\Babylon
Folder Deleted : C:\Users\HP\AppData\Roaming\Complitly

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\Mp3Tube
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/?l=dis&o=APN10374&gct=hp --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10039&st=12&barid={C4A9285A-2A97-11E2-B8FF-101F74F24ED5} --> hxxp://www.google.com

-\\ Google Chrome v23.0.1271.95

File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [37670 octets] - [06/12/2012 13:05:32]
AdwCleaner[R2].txt - [18841 octets] - [09/12/2012 21:19:10]
AdwCleaner[S1].txt - [18886 octets] - [09/12/2012 21:19:29]

########## EOF - C:\AdwCleaner[S1].txt - [18947 octets] ##########

#6 Příspěvek od **Rudy** » 09 pro 2012 21:37

Dejte nový log RSIT.

zeroboyko · #7 Příspěvek od **zeroboyko** » 09 pro 2012 21:46

Logfile of random's system information tool 1.09 (written by random/random)
Run by HP at 2012-12-09 21:45:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 505 GB (86%) free of 589 GB
Total RAM: 3552 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:39, on 9. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\ProgramData\HP Photo Creations\MessageCheck.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: NHL® 09 Registration.lnk = C:\Program Files (x86)\EA SPORTS\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 14154 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\system32\WLANExt.exe 27938000
\??\C:\windows\system32\conhost.exe "-15426382171340245917-948884353968700133-6217022072049592510-658573217-693810766
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /c /a /s UserSession
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3464
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4744.1.1745761554\1125648764" --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9647 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.836.1.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/4/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="4744.3.825419555\1586351467" /prefetch:3
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4744.4.20737242\1507717585" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
-Minimized
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh" /REGPLUGIN
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
taskeng.exe {8A2AD38F-6833-4272-B527-6A9FCA919BC2}
taskeng.exe {2BD12394-B12C-465B-8E23-23352B031A5B}
"C:\ProgramData\HP Photo Creations\MessageCheck.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\HP\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1173708772-296913588-2900899520-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1173708772-296913588-2900899520-1001UA.job
C:\windows\tasks\HP Photo Creations Communicator.job
C:\windows\tasks\HPCeeScheduleForHP.job
C:\windows\tasks\hpwebreg_CN2271P00D05QT.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-05-10 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-07-11 1424896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-12 2887440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-19 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-26 336384]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2012-12-07 169528]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-08-11 658424]

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NHL® 09 Registration.lnk - C:\Program Files (x86)\EA SPORTS\NHL 09\Support\EAregister.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-09 21:19:29 ----A---- C:\AdwCleaner[S1].txt
2012-12-09 21:19:10 ----A---- C:\AdwCleaner[R2].txt
2012-12-07 23:30:13 ----A---- C:\windows\SYSWOW64\msvcr100.dll
2012-12-07 23:30:12 ----A---- C:\windows\SYSWOW64\msvcp100.dll
2012-12-07 13:15:49 ----A---- C:\windows\system32\SET5E57.tmp
2012-12-07 13:15:49 ----A---- C:\windows\system32\drivers\SynTP.sys
2012-12-05 19:02:51 ----D---- C:\rsit
2012-12-05 19:02:51 ----D---- C:\Program Files\trend micro
2012-12-01 19:23:26 ----D---- C:\Program Files (x86)\YTD Toolbar
2012-11-24 19:45:00 ----A---- C:\windows\SYSWOW64\shoB6A.tmp
2012-11-24 19:11:25 ----D---- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-11-24 13:45:03 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-11-24 13:43:59 ----D---- C:\ProgramData\Microsoft Help
2012-11-24 13:43:41 ----RHD---- C:\MSOCache
2012-11-19 19:42:29 ----D---- C:\Program Files\CCleaner
2012-11-18 23:26:41 ----A---- C:\windows\SYSWOW64\XAudio2_7.dll
2012-11-18 23:26:41 ----A---- C:\windows\SYSWOW64\XAPOFX1_5.dll
2012-11-18 23:26:41 ----A---- C:\windows\system32\XAudio2_7.dll
2012-11-18 23:26:41 ----A---- C:\windows\system32\XAPOFX1_5.dll
2012-11-18 23:26:40 ----A---- C:\windows\SYSWOW64\xactengine3_7.dll
2012-11-18 23:26:40 ----A---- C:\windows\system32\xactengine3_7.dll
2012-11-18 23:26:39 ----A---- C:\windows\SYSWOW64\d3dcsx_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\SYSWOW64\D3DCompiler_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\system32\d3dcsx_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\system32\D3DCompiler_43.dll
2012-11-18 23:26:38 ----A---- C:\windows\SYSWOW64\d3dx11_43.dll
2012-11-18 23:26:38 ----A---- C:\windows\system32\d3dx11_43.dll
2012-11-18 23:26:37 ----A---- C:\windows\SYSWOW64\d3dx10_43.dll
2012-11-18 23:26:37 ----A---- C:\windows\system32\d3dx10_43.dll
2012-11-18 23:26:36 ----A---- C:\windows\SYSWOW64\D3DX9_43.dll
2012-11-18 23:26:36 ----A---- C:\windows\system32\D3DX9_43.dll
2012-11-18 23:26:35 ----A---- C:\windows\SYSWOW64\XAudio2_6.dll
2012-11-18 23:26:35 ----A---- C:\windows\SYSWOW64\XAPOFX1_4.dll
2012-11-18 23:26:35 ----A---- C:\windows\system32\XAudio2_6.dll
2012-11-18 23:26:35 ----A---- C:\windows\system32\XAPOFX1_4.dll
2012-11-18 23:26:34 ----A---- C:\windows\SYSWOW64\xactengine3_6.dll
2012-11-18 23:26:34 ----A---- C:\windows\system32\xactengine3_6.dll
2012-11-18 23:26:33 ----A---- C:\windows\SYSWOW64\X3DAudio1_7.dll
2012-11-18 23:26:33 ----A---- C:\windows\system32\X3DAudio1_7.dll
2012-11-18 23:26:31 ----A---- C:\windows\system32\XAudio2_5.dll
2012-11-18 23:26:30 ----A---- C:\windows\SYSWOW64\xactengine3_5.dll
2012-11-18 23:26:30 ----A---- C:\windows\system32\xactengine3_5.dll
2012-11-18 23:26:29 ----A---- C:\windows\SYSWOW64\D3DCompiler_42.dll
2012-11-18 23:26:29 ----A---- C:\windows\system32\D3DCompiler_42.dll
2012-11-18 23:26:28 ----A---- C:\windows\SYSWOW64\d3dcsx_42.dll
2012-11-18 23:26:28 ----A---- C:\windows\system32\d3dcsx_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\SYSWOW64\D3DX9_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\SYSWOW64\d3dx11_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\system32\D3DX9_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\system32\d3dx11_42.dll
2012-11-18 23:26:26 ----A---- C:\windows\system32\d3dx10_41.dll
2012-11-18 23:26:26 ----A---- C:\windows\system32\D3DCompiler_41.dll
2012-11-18 23:26:25 ----A---- C:\windows\SYSWOW64\D3DX9_41.dll
2012-11-18 23:26:25 ----A---- C:\windows\system32\D3DX9_41.dll
2012-11-18 23:26:23 ----A---- C:\windows\SYSWOW64\XAudio2_4.dll
2012-11-18 23:26:23 ----A---- C:\windows\system32\XAudio2_4.dll
2012-11-18 23:26:23 ----A---- C:\windows\system32\XAPOFX1_3.dll
2012-11-18 23:26:22 ----A---- C:\windows\SYSWOW64\xactengine3_4.dll
2012-11-18 23:26:22 ----A---- C:\windows\system32\xactengine3_4.dll
2012-11-18 23:26:21 ----A---- C:\windows\SYSWOW64\X3DAudio1_6.dll
2012-11-18 23:26:21 ----A---- C:\windows\system32\X3DAudio1_6.dll
2012-11-18 23:26:20 ----A---- C:\windows\SYSWOW64\d3dx10_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\SYSWOW64\D3DCompiler_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\system32\d3dx10_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\system32\D3DCompiler_40.dll
2012-11-18 23:26:19 ----A---- C:\windows\SYSWOW64\D3DX9_40.dll
2012-11-18 23:26:19 ----A---- C:\windows\system32\D3DX9_40.dll
2012-11-18 23:26:17 ----A---- C:\windows\SYSWOW64\XAudio2_3.dll
2012-11-18 23:26:17 ----A---- C:\windows\SYSWOW64\XAPOFX1_2.dll
2012-11-18 23:26:17 ----A---- C:\windows\system32\XAudio2_3.dll
2012-11-18 23:26:17 ----A---- C:\windows\system32\XAPOFX1_2.dll
2012-11-18 23:26:16 ----A---- C:\windows\SYSWOW64\xactengine3_3.dll
2012-11-18 23:26:16 ----A---- C:\windows\system32\xactengine3_3.dll
2012-11-18 23:26:15 ----A---- C:\windows\SYSWOW64\X3DAudio1_5.dll
2012-11-18 23:26:15 ----A---- C:\windows\system32\X3DAudio1_5.dll
2012-11-18 23:26:13 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2012-11-18 23:26:13 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2012-11-18 23:26:13 ----A---- C:\windows\system32\XAudio2_2.dll
2012-11-18 23:26:13 ----A---- C:\windows\system32\XAPOFX1_1.dll
2012-11-18 23:26:12 ----A---- C:\windows\SYSWOW64\xactengine3_2.dll
2012-11-18 23:26:12 ----A---- C:\windows\system32\xactengine3_2.dll
2012-11-18 23:26:10 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\system32\d3dx10_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\system32\D3DCompiler_39.dll
2012-11-18 23:26:08 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2012-11-18 23:26:08 ----A---- C:\windows\system32\D3DX9_39.dll
2012-11-18 23:24:29 ----HD---- C:\windows\msdownld.tmp
2012-11-18 23:24:20 ----D---- C:\windows\SYSWOW64\directx
2012-11-18 22:25:55 ----D---- C:\Program Files (x86)\Mafia II Kompletní Edice
2012-11-18 15:00:35 ----D---- C:\windows\CheckSur
2012-11-16 11:23:12 ----D---- C:\Users\HP\AppData\Roaming\Leadertech
2012-11-16 11:19:14 ----A---- C:\windows\SYSWOW64\XAPOFX1_0.dll
2012-11-16 11:19:14 ----A---- C:\windows\system32\XAPOFX1_0.dll
2012-11-16 11:19:13 ----A---- C:\windows\SYSWOW64\XAudio2_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\SYSWOW64\xactengine3_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\system32\XAudio2_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\system32\xactengine3_1.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\X3DAudio1_4.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\d3dx10_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\D3DCompiler_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\X3DAudio1_4.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\d3dx10_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\D3DCompiler_38.dll
2012-11-16 11:19:11 ----A---- C:\windows\SYSWOW64\D3DX9_38.dll
2012-11-16 11:19:11 ----A---- C:\windows\system32\D3DX9_38.dll
2012-11-16 11:19:10 ----A---- C:\windows\SYSWOW64\XAudio2_0.dll
2012-11-16 11:19:10 ----A---- C:\windows\system32\XAudio2_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\SYSWOW64\xactengine3_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\SYSWOW64\X3DAudio1_3.dll
2012-11-16 11:19:09 ----A---- C:\windows\system32\xactengine3_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\system32\X3DAudio1_3.dll
2012-11-16 11:19:08 ----A---- C:\windows\SYSWOW64\d3dx10_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\SYSWOW64\D3DCompiler_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\system32\d3dx10_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\system32\D3DCompiler_37.dll
2012-11-16 11:19:07 ----A---- C:\windows\SYSWOW64\D3DX9_37.dll
2012-11-16 11:19:07 ----A---- C:\windows\system32\D3DX9_37.dll
2012-11-16 11:19:06 ----A---- C:\windows\SYSWOW64\xactengine2_10.dll
2012-11-16 11:19:06 ----A---- C:\windows\system32\xactengine2_10.dll
2012-11-16 11:19:05 ----A---- C:\windows\SYSWOW64\d3dx10_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\SYSWOW64\D3DCompiler_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\system32\d3dx10_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\system32\D3DCompiler_36.dll
2012-11-16 11:19:04 ----A---- C:\windows\SYSWOW64\d3dx9_36.dll
2012-11-16 11:19:04 ----A---- C:\windows\system32\d3dx9_36.dll
2012-11-16 11:19:03 ----A---- C:\windows\SYSWOW64\xactengine2_9.dll
2012-11-16 11:19:03 ----A---- C:\windows\system32\xactengine2_9.dll
2012-11-16 11:19:02 ----A---- C:\windows\SYSWOW64\d3dx10_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\SYSWOW64\D3DCompiler_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\system32\d3dx10_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\system32\D3DCompiler_35.dll
2012-11-16 11:19:01 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2012-11-16 11:19:01 ----A---- C:\windows\system32\d3dx9_35.dll
2012-11-16 11:19:00 ----A---- C:\windows\SYSWOW64\xactengine2_8.dll
2012-11-16 11:19:00 ----A---- C:\windows\SYSWOW64\X3DAudio1_2.dll
2012-11-16 11:19:00 ----A---- C:\windows\system32\xactengine2_8.dll
2012-11-16 11:19:00 ----A---- C:\windows\system32\X3DAudio1_2.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\d3dx9_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\d3dx10_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\D3DCompiler_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\d3dx9_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\d3dx10_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\D3DCompiler_34.dll
2012-11-16 11:18:58 ----A---- C:\windows\SYSWOW64\xinput1_3.dll
2012-11-16 11:18:58 ----A---- C:\windows\system32\xinput1_3.dll
2012-11-16 11:18:57 ----A---- C:\windows\SYSWOW64\xactengine2_7.dll
2012-11-16 11:18:57 ----A---- C:\windows\system32\xactengine2_7.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\d3dx9_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\d3dx10_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\D3DCompiler_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\d3dx9_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\d3dx10_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\D3DCompiler_33.dll
2012-11-16 11:18:55 ----A---- C:\windows\SYSWOW64\xactengine2_6.dll
2012-11-16 11:18:55 ----A---- C:\windows\system32\xactengine2_6.dll
2012-11-16 11:18:53 ----A---- C:\windows\SYSWOW64\xactengine2_5.dll
2012-11-16 11:18:53 ----A---- C:\windows\SYSWOW64\d3dx10.dll
2012-11-16 11:18:53 ----A---- C:\windows\system32\xactengine2_5.dll
2012-11-16 11:18:53 ----A---- C:\windows\system32\d3dx10.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\xactengine2_4.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\x3daudio1_1.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\d3dx9_31.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\xactengine2_4.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\x3daudio1_1.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\d3dx9_31.dll
2012-11-16 11:18:49 ----A---- C:\windows\SYSWOW64\xactengine2_3.dll
2012-11-16 11:18:49 ----A---- C:\windows\system32\xactengine2_3.dll
2012-11-16 11:18:48 ----A---- C:\windows\SYSWOW64\xinput1_2.dll
2012-11-16 11:18:48 ----A---- C:\windows\system32\xinput1_2.dll
2012-11-16 11:18:47 ----A---- C:\windows\SYSWOW64\xinput1_1.dll
2012-11-16 11:18:47 ----A---- C:\windows\SYSWOW64\xactengine2_2.dll
2012-11-16 11:18:47 ----A---- C:\windows\system32\xinput1_1.dll
2012-11-16 11:18:47 ----A---- C:\windows\system32\xactengine2_2.dll
2012-11-16 11:18:46 ----A---- C:\windows\SYSWOW64\xactengine2_1.dll
2012-11-16 11:18:46 ----A---- C:\windows\system32\xactengine2_1.dll
2012-11-16 11:18:38 ----A---- C:\windows\SYSWOW64\d3dx9_30.dll
2012-11-16 11:18:38 ----A---- C:\windows\system32\d3dx9_30.dll
2012-11-16 11:18:37 ----A---- C:\windows\SYSWOW64\xactengine2_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\SYSWOW64\x3daudio1_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\system32\xactengine2_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\system32\x3daudio1_0.dll
2012-11-16 11:18:36 ----A---- C:\windows\SYSWOW64\d3dx9_29.dll
2012-11-16 11:18:36 ----A---- C:\windows\system32\d3dx9_29.dll
2012-11-16 11:18:35 ----A---- C:\windows\SYSWOW64\d3dx9_28.dll
2012-11-16 11:18:35 ----A---- C:\windows\system32\d3dx9_28.dll
2012-11-16 11:18:34 ----A---- C:\windows\SYSWOW64\d3dx9_27.dll
2012-11-16 11:18:34 ----A---- C:\windows\SYSWOW64\d3dx9_26.dll
2012-11-16 11:18:34 ----A---- C:\windows\system32\d3dx9_27.dll
2012-11-16 11:18:34 ----A---- C:\windows\system32\d3dx9_26.dll
2012-11-16 11:18:33 ----A---- C:\windows\SYSWOW64\d3dx9_25.dll
2012-11-16 11:18:33 ----A---- C:\windows\system32\d3dx9_25.dll
2012-11-16 11:18:32 ----A---- C:\windows\SYSWOW64\d3dx9_24.dll
2012-11-16 11:18:32 ----A---- C:\windows\system32\d3dx9_24.dll
2012-11-16 08:03:18 ----D---- C:\Program Files (x86)\uTorrent
2012-11-16 08:02:08 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2012-11-15 23:41:43 ----A---- C:\windows\system32\Wdfres.dll
2012-11-15 23:41:43 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-15 23:41:43 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-15 23:34:56 ----A---- C:\windows\system32\mshtmled.dll
2012-11-15 23:34:55 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-15 23:34:54 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-15 23:34:54 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-15 23:34:54 ----A---- C:\windows\system32\ieui.dll
2012-11-15 23:34:53 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-15 23:34:53 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-15 23:34:53 ----A---- C:\windows\system32\url.dll
2012-11-15 23:34:53 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-15 23:34:52 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-15 23:34:52 ----A---- C:\windows\system32\urlmon.dll
2012-11-15 23:34:51 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-15 23:34:51 ----A---- C:\windows\system32\msfeeds.dll
2012-11-15 23:34:51 ----A---- C:\windows\system32\jscript9.dll
2012-11-15 23:34:50 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-15 23:34:49 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-15 23:34:49 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\wininet.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\vbscript.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\jsproxy.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\jscript.dll
2012-11-15 23:34:48 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-15 23:34:48 ----A---- C:\windows\system32\iertutil.dll
2012-11-15 23:34:47 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-15 23:34:45 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-15 23:34:44 ----A---- C:\windows\system32\mshtml.dll
2012-11-15 23:34:43 ----A---- C:\windows\system32\ieframe.dll
2012-11-15 23:34:42 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-15 14:20:49 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-15 14:20:49 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-15 14:20:46 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-15 14:20:46 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFx.dll
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-15 12:37:57 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-15 12:37:56 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 12:37:56 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-15 12:37:56 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-15 12:37:52 ----A---- C:\windows\system32\win32k.sys
2012-11-15 12:37:50 ----A---- C:\windows\system32\ncsi.dll
2012-11-15 12:37:50 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-15 12:37:49 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-15 12:37:49 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\nlasvc.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\netcorehc.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-15 12:37:48 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-15 12:37:48 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\nlaapi.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\netevent.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-15 12:37:34 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-15 12:37:34 ----A---- C:\windows\system32\synceng.dll

======List of files/folders modified in the last 1 month======

2012-12-09 21:45:40 ----D---- C:\windows\Prefetch
2012-12-09 21:45:21 ----D---- C:\windows\Temp
2012-12-09 21:32:00 ----D---- C:\windows\system32\config
2012-12-09 21:26:52 ----D---- C:\windows\System32
2012-12-09 21:26:52 ----D---- C:\windows\inf
2012-12-09 21:26:52 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-12-09 21:21:59 ----D---- C:\Windows
2012-12-09 21:21:57 ----D---- C:\ProgramData\PDFC
2012-12-09 21:19:32 ----RD---- C:\Program Files (x86)
2012-12-09 21:19:32 ----D---- C:\Program Files (x86)\Common Files
2012-12-09 21:19:31 ----HD---- C:\ProgramData
2012-12-09 21:17:01 ----D---- C:\windows\system32\Tasks
2012-12-09 16:57:03 ----D---- C:\Users\HP\AppData\Roaming\Skype
2012-12-08 15:29:47 ----D---- C:\windows\system32\catroot
2012-12-08 00:08:02 ----SHD---- C:\System Volume Information
2012-12-07 23:48:36 ----D---- C:\Program Files (x86)\PDF Complete
2012-12-07 23:47:54 ----D---- C:\swsetup
2012-12-07 23:43:05 ----SHD---- C:\windows\Installer
2012-12-07 23:43:02 ----SHD---- C:\Config.Msi
2012-12-07 23:38:24 ----D---- C:\windows\SysWOW64
2012-12-07 23:38:24 ----D---- C:\Users\HP\AppData\Roaming\hpqLog
2012-12-07 23:37:09 ----D---- C:\Users\HP\AppData\Roaming\Hewlett-Packard
2012-12-07 23:37:09 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-12-07 22:03:58 ----D---- C:\windows\system32\drivers
2012-12-07 22:03:55 ----D---- C:\windows\system32\DriverStore
2012-12-07 22:03:40 ----D---- C:\windows\system32\catroot2
2012-12-07 22:02:46 ----A---- C:\windows\SYSWOW64\sigfile.exe
2012-12-07 21:18:59 ----D---- C:\windows\Tasks
2012-12-07 21:18:59 ----D---- C:\windows\system32\wfp
2012-12-07 21:18:59 ----D---- C:\windows\system32\wbem
2012-12-07 21:18:59 ----D---- C:\windows\system32\drivers\UMDF
2012-12-07 21:18:59 ----D---- C:\windows\system32\drivers\etc
2012-12-07 21:18:57 ----D---- C:\windows\system32\CodeIntegrity
2012-12-07 21:18:56 ----D---- C:\ProgramData\Norton
2012-12-07 21:18:54 ----D---- C:\windows\registration
2012-12-07 17:23:36 ----D---- C:\ProgramData\Browser Manager
2012-12-07 16:04:37 ----D---- C:\Users\HP\AppData\Roaming\SoftGrid Client
2012-12-07 13:14:38 ----A---- C:\windows\system32\SynCOM.dll
2012-12-07 12:24:33 ----D---- C:\windows\SoftwareDistribution
2012-12-05 18:51:18 ----SD---- C:\ProgramData\Microsoft
2012-12-05 18:51:18 ----D---- C:\Program Files (x86)\Microsoft
2012-12-02 12:38:07 ----D---- C:\windows\rescache
2012-11-30 08:32:16 ----D---- C:\windows\winsxs
2012-11-30 08:31:16 ----D---- C:\windows\AppPatch
2012-11-30 01:53:29 ----A---- C:\windows\win.ini
2012-11-29 10:12:37 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2012-11-25 11:57:57 ----D---- C:\windows\Microsoft.NET
2012-11-25 11:57:31 ----RSD---- C:\windows\assembly
2012-11-25 11:15:27 ----RSD---- C:\windows\Fonts
2012-11-25 11:15:17 ----D---- C:\windows\ShellNew
2012-11-25 11:14:21 ----D---- C:\Program Files (x86)\Microsoft Office
2012-11-25 11:14:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-11-24 19:20:33 ----D---- C:\windows\Help
2012-11-24 19:18:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-24 13:44:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-19 19:43:56 ----D---- C:\windows\Panther
2012-11-19 19:43:48 ----D---- C:\windows\Logs
2012-11-19 19:43:47 ----D---- C:\windows\debug
2012-11-19 19:42:29 ----D---- C:\Program Files
2012-11-16 11:19:15 ----D---- C:\Program Files (x86)\EA SPORTS
2012-11-16 11:04:27 ----D---- C:\ProgramData\WinZip
2012-11-16 07:32:32 ----D---- C:\windows\SYSWOW64\en-US
2012-11-16 07:32:31 ----D---- C:\windows\system32\en-US
2012-11-16 07:32:31 ----D---- C:\windows\system32\drivers\en-US
2012-11-16 07:32:29 ----D---- C:\windows\SYSWOW64\migration
2012-11-16 07:32:29 ----D---- C:\windows\system32\migration
2012-11-16 07:32:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 07:32:28 ----D---- C:\Program Files\Internet Explorer
2012-11-15 23:32:33 ----A---- C:\windows\system32\MRT.exe
2012-11-15 21:48:18 ----D---- C:\windows\system32\sk-SK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-02-28 29976]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-08-09 945200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-08-13 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110323.001\IDSvia64.sys [2011-03-23 476792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-02-28 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 9263104]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 300544]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\windows\system32\DRIVERS\stwrt64.sys [2012-07-11 535040]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2012-04-19 174200]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-12-07 448312]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-09 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS [2010-08-13 117808]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS [2010-08-13 1791536]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [2011-03-31 744568]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2012-07-11 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-05-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-02-28 31000]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2012-07-11 308736]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 250808]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-09 464440]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-04-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 09 pro 2012 22:50

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1173708772-296913588-2900899520-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1173708772-296913588-2900899520-1001UA.job
C:\windows\system32\SET5E57.tmp
C:\Program Files (x86)\YTD Toolbar
C:\windows\SYSWOW64\shoB6A.tmp
C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

zeroboyko · #9 Příspěvek od **zeroboyko** » 10 pro 2012 12:50

Logfile of random's system information tool 1.09 (written by random/random)
Run by HP at 2012-12-10 12:48:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 505 GB (86%) free of 589 GB
Total RAM: 3552 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:17, on 10. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPUsageTrack.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: NHL® 09 Registration.lnk = C:\Program Files (x86)\EA SPORTS\NHL 09\Support\EAregister.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 14149 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 24507936
\??\C:\windows\system32\conhost.exe "-8833699983132448821716479001411439806-606106517-1874385955259483844-1070452529
C:\windows\System32\spoolsv.exe
taskeng.exe {84BB8D3E-ECC4-4118-8F5F-003FA7433AE7}
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /c /a /s UserSession
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3476
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPUsageTrack.exe" -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Users\HP\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\HP Photo Creations Communicator.job
C:\windows\tasks\HPCeeScheduleForHP.job
C:\windows\tasks\hpwebreg_CN2271P00D05QT.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-05-10 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-07-11 1424896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-12 2887440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-19 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-26 336384]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2012-12-07 169528]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-08-11 658424]

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NHL® 09 Registration.lnk - C:\Program Files (x86)\EA SPORTS\NHL 09\Support\EAregister.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-10 12:41:52 ----D---- C:\_OTM
2012-12-09 21:19:29 ----A---- C:\AdwCleaner[S1].txt
2012-12-09 21:19:10 ----A---- C:\AdwCleaner[R2].txt
2012-12-07 23:30:13 ----A---- C:\windows\SYSWOW64\msvcr100.dll
2012-12-07 23:30:12 ----A---- C:\windows\SYSWOW64\msvcp100.dll
2012-12-07 13:15:49 ----A---- C:\windows\system32\drivers\SynTP.sys
2012-12-05 19:02:51 ----D---- C:\rsit
2012-12-05 19:02:51 ----D---- C:\Program Files\trend micro
2012-11-24 13:45:03 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-11-24 13:43:59 ----D---- C:\ProgramData\Microsoft Help
2012-11-24 13:43:41 ----RHD---- C:\MSOCache
2012-11-19 19:42:29 ----D---- C:\Program Files\CCleaner
2012-11-18 23:26:41 ----A---- C:\windows\SYSWOW64\XAudio2_7.dll
2012-11-18 23:26:41 ----A---- C:\windows\SYSWOW64\XAPOFX1_5.dll
2012-11-18 23:26:41 ----A---- C:\windows\system32\XAudio2_7.dll
2012-11-18 23:26:41 ----A---- C:\windows\system32\XAPOFX1_5.dll
2012-11-18 23:26:40 ----A---- C:\windows\SYSWOW64\xactengine3_7.dll
2012-11-18 23:26:40 ----A---- C:\windows\system32\xactengine3_7.dll
2012-11-18 23:26:39 ----A---- C:\windows\SYSWOW64\d3dcsx_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\SYSWOW64\D3DCompiler_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\system32\d3dcsx_43.dll
2012-11-18 23:26:39 ----A---- C:\windows\system32\D3DCompiler_43.dll
2012-11-18 23:26:38 ----A---- C:\windows\SYSWOW64\d3dx11_43.dll
2012-11-18 23:26:38 ----A---- C:\windows\system32\d3dx11_43.dll
2012-11-18 23:26:37 ----A---- C:\windows\SYSWOW64\d3dx10_43.dll
2012-11-18 23:26:37 ----A---- C:\windows\system32\d3dx10_43.dll
2012-11-18 23:26:36 ----A---- C:\windows\SYSWOW64\D3DX9_43.dll
2012-11-18 23:26:36 ----A---- C:\windows\system32\D3DX9_43.dll
2012-11-18 23:26:35 ----A---- C:\windows\SYSWOW64\XAudio2_6.dll
2012-11-18 23:26:35 ----A---- C:\windows\SYSWOW64\XAPOFX1_4.dll
2012-11-18 23:26:35 ----A---- C:\windows\system32\XAudio2_6.dll
2012-11-18 23:26:35 ----A---- C:\windows\system32\XAPOFX1_4.dll
2012-11-18 23:26:34 ----A---- C:\windows\SYSWOW64\xactengine3_6.dll
2012-11-18 23:26:34 ----A---- C:\windows\system32\xactengine3_6.dll
2012-11-18 23:26:33 ----A---- C:\windows\SYSWOW64\X3DAudio1_7.dll
2012-11-18 23:26:33 ----A---- C:\windows\system32\X3DAudio1_7.dll
2012-11-18 23:26:31 ----A---- C:\windows\system32\XAudio2_5.dll
2012-11-18 23:26:30 ----A---- C:\windows\SYSWOW64\xactengine3_5.dll
2012-11-18 23:26:30 ----A---- C:\windows\system32\xactengine3_5.dll
2012-11-18 23:26:29 ----A---- C:\windows\SYSWOW64\D3DCompiler_42.dll
2012-11-18 23:26:29 ----A---- C:\windows\system32\D3DCompiler_42.dll
2012-11-18 23:26:28 ----A---- C:\windows\SYSWOW64\d3dcsx_42.dll
2012-11-18 23:26:28 ----A---- C:\windows\system32\d3dcsx_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\SYSWOW64\D3DX9_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\SYSWOW64\d3dx11_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\system32\D3DX9_42.dll
2012-11-18 23:26:27 ----A---- C:\windows\system32\d3dx11_42.dll
2012-11-18 23:26:26 ----A---- C:\windows\system32\d3dx10_41.dll
2012-11-18 23:26:26 ----A---- C:\windows\system32\D3DCompiler_41.dll
2012-11-18 23:26:25 ----A---- C:\windows\SYSWOW64\D3DX9_41.dll
2012-11-18 23:26:25 ----A---- C:\windows\system32\D3DX9_41.dll
2012-11-18 23:26:23 ----A---- C:\windows\SYSWOW64\XAudio2_4.dll
2012-11-18 23:26:23 ----A---- C:\windows\system32\XAudio2_4.dll
2012-11-18 23:26:23 ----A---- C:\windows\system32\XAPOFX1_3.dll
2012-11-18 23:26:22 ----A---- C:\windows\SYSWOW64\xactengine3_4.dll
2012-11-18 23:26:22 ----A---- C:\windows\system32\xactengine3_4.dll
2012-11-18 23:26:21 ----A---- C:\windows\SYSWOW64\X3DAudio1_6.dll
2012-11-18 23:26:21 ----A---- C:\windows\system32\X3DAudio1_6.dll
2012-11-18 23:26:20 ----A---- C:\windows\SYSWOW64\d3dx10_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\SYSWOW64\D3DCompiler_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\system32\d3dx10_40.dll
2012-11-18 23:26:20 ----A---- C:\windows\system32\D3DCompiler_40.dll
2012-11-18 23:26:19 ----A---- C:\windows\SYSWOW64\D3DX9_40.dll
2012-11-18 23:26:19 ----A---- C:\windows\system32\D3DX9_40.dll
2012-11-18 23:26:17 ----A---- C:\windows\SYSWOW64\XAudio2_3.dll
2012-11-18 23:26:17 ----A---- C:\windows\SYSWOW64\XAPOFX1_2.dll
2012-11-18 23:26:17 ----A---- C:\windows\system32\XAudio2_3.dll
2012-11-18 23:26:17 ----A---- C:\windows\system32\XAPOFX1_2.dll
2012-11-18 23:26:16 ----A---- C:\windows\SYSWOW64\xactengine3_3.dll
2012-11-18 23:26:16 ----A---- C:\windows\system32\xactengine3_3.dll
2012-11-18 23:26:15 ----A---- C:\windows\SYSWOW64\X3DAudio1_5.dll
2012-11-18 23:26:15 ----A---- C:\windows\system32\X3DAudio1_5.dll
2012-11-18 23:26:13 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2012-11-18 23:26:13 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2012-11-18 23:26:13 ----A---- C:\windows\system32\XAudio2_2.dll
2012-11-18 23:26:13 ----A---- C:\windows\system32\XAPOFX1_1.dll
2012-11-18 23:26:12 ----A---- C:\windows\SYSWOW64\xactengine3_2.dll
2012-11-18 23:26:12 ----A---- C:\windows\system32\xactengine3_2.dll
2012-11-18 23:26:10 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\system32\d3dx10_39.dll
2012-11-18 23:26:10 ----A---- C:\windows\system32\D3DCompiler_39.dll
2012-11-18 23:26:08 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2012-11-18 23:26:08 ----A---- C:\windows\system32\D3DX9_39.dll
2012-11-18 23:24:20 ----D---- C:\windows\SYSWOW64\directx
2012-11-18 22:25:55 ----D---- C:\Program Files (x86)\Mafia II Kompletní Edice
2012-11-18 15:00:35 ----D---- C:\windows\CheckSur
2012-11-16 11:23:12 ----D---- C:\Users\HP\AppData\Roaming\Leadertech
2012-11-16 11:19:14 ----A---- C:\windows\SYSWOW64\XAPOFX1_0.dll
2012-11-16 11:19:14 ----A---- C:\windows\system32\XAPOFX1_0.dll
2012-11-16 11:19:13 ----A---- C:\windows\SYSWOW64\XAudio2_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\SYSWOW64\xactengine3_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\system32\XAudio2_1.dll
2012-11-16 11:19:13 ----A---- C:\windows\system32\xactengine3_1.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\X3DAudio1_4.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\d3dx10_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\SYSWOW64\D3DCompiler_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\X3DAudio1_4.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\d3dx10_38.dll
2012-11-16 11:19:12 ----A---- C:\windows\system32\D3DCompiler_38.dll
2012-11-16 11:19:11 ----A---- C:\windows\SYSWOW64\D3DX9_38.dll
2012-11-16 11:19:11 ----A---- C:\windows\system32\D3DX9_38.dll
2012-11-16 11:19:10 ----A---- C:\windows\SYSWOW64\XAudio2_0.dll
2012-11-16 11:19:10 ----A---- C:\windows\system32\XAudio2_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\SYSWOW64\xactengine3_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\SYSWOW64\X3DAudio1_3.dll
2012-11-16 11:19:09 ----A---- C:\windows\system32\xactengine3_0.dll
2012-11-16 11:19:09 ----A---- C:\windows\system32\X3DAudio1_3.dll
2012-11-16 11:19:08 ----A---- C:\windows\SYSWOW64\d3dx10_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\SYSWOW64\D3DCompiler_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\system32\d3dx10_37.dll
2012-11-16 11:19:08 ----A---- C:\windows\system32\D3DCompiler_37.dll
2012-11-16 11:19:07 ----A---- C:\windows\SYSWOW64\D3DX9_37.dll
2012-11-16 11:19:07 ----A---- C:\windows\system32\D3DX9_37.dll
2012-11-16 11:19:06 ----A---- C:\windows\SYSWOW64\xactengine2_10.dll
2012-11-16 11:19:06 ----A---- C:\windows\system32\xactengine2_10.dll
2012-11-16 11:19:05 ----A---- C:\windows\SYSWOW64\d3dx10_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\SYSWOW64\D3DCompiler_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\system32\d3dx10_36.dll
2012-11-16 11:19:05 ----A---- C:\windows\system32\D3DCompiler_36.dll
2012-11-16 11:19:04 ----A---- C:\windows\SYSWOW64\d3dx9_36.dll
2012-11-16 11:19:04 ----A---- C:\windows\system32\d3dx9_36.dll
2012-11-16 11:19:03 ----A---- C:\windows\SYSWOW64\xactengine2_9.dll
2012-11-16 11:19:03 ----A---- C:\windows\system32\xactengine2_9.dll
2012-11-16 11:19:02 ----A---- C:\windows\SYSWOW64\d3dx10_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\SYSWOW64\D3DCompiler_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\system32\d3dx10_35.dll
2012-11-16 11:19:02 ----A---- C:\windows\system32\D3DCompiler_35.dll
2012-11-16 11:19:01 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2012-11-16 11:19:01 ----A---- C:\windows\system32\d3dx9_35.dll
2012-11-16 11:19:00 ----A---- C:\windows\SYSWOW64\xactengine2_8.dll
2012-11-16 11:19:00 ----A---- C:\windows\SYSWOW64\X3DAudio1_2.dll
2012-11-16 11:19:00 ----A---- C:\windows\system32\xactengine2_8.dll
2012-11-16 11:19:00 ----A---- C:\windows\system32\X3DAudio1_2.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\d3dx9_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\d3dx10_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\SYSWOW64\D3DCompiler_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\d3dx9_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\d3dx10_34.dll
2012-11-16 11:18:59 ----A---- C:\windows\system32\D3DCompiler_34.dll
2012-11-16 11:18:58 ----A---- C:\windows\SYSWOW64\xinput1_3.dll
2012-11-16 11:18:58 ----A---- C:\windows\system32\xinput1_3.dll
2012-11-16 11:18:57 ----A---- C:\windows\SYSWOW64\xactengine2_7.dll
2012-11-16 11:18:57 ----A---- C:\windows\system32\xactengine2_7.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\d3dx9_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\d3dx10_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\SYSWOW64\D3DCompiler_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\d3dx9_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\d3dx10_33.dll
2012-11-16 11:18:56 ----A---- C:\windows\system32\D3DCompiler_33.dll
2012-11-16 11:18:55 ----A---- C:\windows\SYSWOW64\xactengine2_6.dll
2012-11-16 11:18:55 ----A---- C:\windows\system32\xactengine2_6.dll
2012-11-16 11:18:53 ----A---- C:\windows\SYSWOW64\xactengine2_5.dll
2012-11-16 11:18:53 ----A---- C:\windows\SYSWOW64\d3dx10.dll
2012-11-16 11:18:53 ----A---- C:\windows\system32\xactengine2_5.dll
2012-11-16 11:18:53 ----A---- C:\windows\system32\d3dx10.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\xactengine2_4.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\x3daudio1_1.dll
2012-11-16 11:18:50 ----A---- C:\windows\SYSWOW64\d3dx9_31.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\xactengine2_4.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\x3daudio1_1.dll
2012-11-16 11:18:50 ----A---- C:\windows\system32\d3dx9_31.dll
2012-11-16 11:18:49 ----A---- C:\windows\SYSWOW64\xactengine2_3.dll
2012-11-16 11:18:49 ----A---- C:\windows\system32\xactengine2_3.dll
2012-11-16 11:18:48 ----A---- C:\windows\SYSWOW64\xinput1_2.dll
2012-11-16 11:18:48 ----A---- C:\windows\system32\xinput1_2.dll
2012-11-16 11:18:47 ----A---- C:\windows\SYSWOW64\xinput1_1.dll
2012-11-16 11:18:47 ----A---- C:\windows\SYSWOW64\xactengine2_2.dll
2012-11-16 11:18:47 ----A---- C:\windows\system32\xinput1_1.dll
2012-11-16 11:18:47 ----A---- C:\windows\system32\xactengine2_2.dll
2012-11-16 11:18:46 ----A---- C:\windows\SYSWOW64\xactengine2_1.dll
2012-11-16 11:18:46 ----A---- C:\windows\system32\xactengine2_1.dll
2012-11-16 11:18:38 ----A---- C:\windows\SYSWOW64\d3dx9_30.dll
2012-11-16 11:18:38 ----A---- C:\windows\system32\d3dx9_30.dll
2012-11-16 11:18:37 ----A---- C:\windows\SYSWOW64\xactengine2_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\SYSWOW64\x3daudio1_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\system32\xactengine2_0.dll
2012-11-16 11:18:37 ----A---- C:\windows\system32\x3daudio1_0.dll
2012-11-16 11:18:36 ----A---- C:\windows\SYSWOW64\d3dx9_29.dll
2012-11-16 11:18:36 ----A---- C:\windows\system32\d3dx9_29.dll
2012-11-16 11:18:35 ----A---- C:\windows\SYSWOW64\d3dx9_28.dll
2012-11-16 11:18:35 ----A---- C:\windows\system32\d3dx9_28.dll
2012-11-16 11:18:34 ----A---- C:\windows\SYSWOW64\d3dx9_27.dll
2012-11-16 11:18:34 ----A---- C:\windows\SYSWOW64\d3dx9_26.dll
2012-11-16 11:18:34 ----A---- C:\windows\system32\d3dx9_27.dll
2012-11-16 11:18:34 ----A---- C:\windows\system32\d3dx9_26.dll
2012-11-16 11:18:33 ----A---- C:\windows\SYSWOW64\d3dx9_25.dll
2012-11-16 11:18:33 ----A---- C:\windows\system32\d3dx9_25.dll
2012-11-16 11:18:32 ----A---- C:\windows\SYSWOW64\d3dx9_24.dll
2012-11-16 11:18:32 ----A---- C:\windows\system32\d3dx9_24.dll
2012-11-16 08:03:18 ----D---- C:\Program Files (x86)\uTorrent
2012-11-16 08:02:08 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2012-11-15 23:41:43 ----A---- C:\windows\system32\Wdfres.dll
2012-11-15 23:41:43 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-15 23:41:43 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-15 23:34:56 ----A---- C:\windows\system32\mshtmled.dll
2012-11-15 23:34:55 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-15 23:34:54 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-15 23:34:54 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-15 23:34:54 ----A---- C:\windows\system32\ieui.dll
2012-11-15 23:34:53 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-15 23:34:53 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-15 23:34:53 ----A---- C:\windows\system32\url.dll
2012-11-15 23:34:53 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-15 23:34:52 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-15 23:34:52 ----A---- C:\windows\system32\urlmon.dll
2012-11-15 23:34:51 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-15 23:34:51 ----A---- C:\windows\system32\msfeeds.dll
2012-11-15 23:34:51 ----A---- C:\windows\system32\jscript9.dll
2012-11-15 23:34:50 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-15 23:34:49 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-15 23:34:49 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\wininet.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\vbscript.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\jsproxy.dll
2012-11-15 23:34:49 ----A---- C:\windows\system32\jscript.dll
2012-11-15 23:34:48 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-15 23:34:48 ----A---- C:\windows\system32\iertutil.dll
2012-11-15 23:34:47 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-15 23:34:45 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-15 23:34:44 ----A---- C:\windows\system32\mshtml.dll
2012-11-15 23:34:43 ----A---- C:\windows\system32\ieframe.dll
2012-11-15 23:34:42 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-15 14:20:49 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-15 14:20:49 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-15 14:20:46 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-15 14:20:46 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFx.dll
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-15 14:20:45 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-15 12:37:57 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-15 12:37:56 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 12:37:56 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-15 12:37:56 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-15 12:37:52 ----A---- C:\windows\system32\win32k.sys
2012-11-15 12:37:50 ----A---- C:\windows\system32\ncsi.dll
2012-11-15 12:37:50 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-15 12:37:49 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-15 12:37:49 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\nlasvc.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\netcorehc.dll
2012-11-15 12:37:49 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-15 12:37:48 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-15 12:37:48 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\nlaapi.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\netevent.dll
2012-11-15 12:37:48 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-15 12:37:34 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-15 12:37:34 ----A---- C:\windows\system32\synceng.dll

======List of files/folders modified in the last 1 month======

2012-12-10 12:48:17 ----D---- C:\windows\Prefetch
2012-12-10 12:47:46 ----D---- C:\windows\Temp
2012-12-10 12:47:25 ----D---- C:\windows\system32\config
2012-12-10 12:47:25 ----D---- C:\ProgramData\PDFC
2012-12-10 12:42:15 ----D---- C:\windows\SysWOW64
2012-12-10 12:42:15 ----D---- C:\windows\System32
2012-12-10 12:42:15 ----D---- C:\Windows
2012-12-10 12:41:59 ----RD---- C:\Program Files (x86)
2012-12-10 12:41:59 ----HD---- C:\ProgramData
2012-12-10 12:41:58 ----D---- C:\windows\Tasks
2012-12-10 09:39:35 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-12-10 09:39:34 ----D---- C:\windows\inf
2012-12-09 23:56:09 ----D---- C:\windows\system32\Tasks
2012-12-09 21:19:32 ----D---- C:\Program Files (x86)\Common Files
2012-12-09 16:57:03 ----D---- C:\Users\HP\AppData\Roaming\Skype
2012-12-08 15:29:47 ----D---- C:\windows\system32\catroot
2012-12-08 00:08:02 ----SHD---- C:\System Volume Information
2012-12-07 23:48:36 ----D---- C:\Program Files (x86)\PDF Complete
2012-12-07 23:47:54 ----D---- C:\swsetup
2012-12-07 23:43:05 ----SHD---- C:\windows\Installer
2012-12-07 23:43:02 ----SHD---- C:\Config.Msi
2012-12-07 23:38:24 ----D---- C:\Users\HP\AppData\Roaming\hpqLog
2012-12-07 23:37:09 ----D---- C:\Users\HP\AppData\Roaming\Hewlett-Packard
2012-12-07 23:37:09 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-12-07 22:03:58 ----D---- C:\windows\system32\drivers
2012-12-07 22:03:55 ----D---- C:\windows\system32\DriverStore
2012-12-07 22:03:40 ----D---- C:\windows\system32\catroot2
2012-12-07 22:02:46 ----A---- C:\windows\SYSWOW64\sigfile.exe
2012-12-07 21:18:59 ----D---- C:\windows\system32\wfp
2012-12-07 21:18:59 ----D---- C:\windows\system32\wbem
2012-12-07 21:18:59 ----D---- C:\windows\system32\drivers\UMDF
2012-12-07 21:18:59 ----D---- C:\windows\system32\drivers\etc
2012-12-07 21:18:57 ----D---- C:\windows\system32\CodeIntegrity
2012-12-07 21:18:56 ----D---- C:\ProgramData\Norton
2012-12-07 21:18:54 ----D---- C:\windows\registration
2012-12-07 17:23:36 ----D---- C:\ProgramData\Browser Manager
2012-12-07 16:04:37 ----D---- C:\Users\HP\AppData\Roaming\SoftGrid Client
2012-12-07 13:14:38 ----A---- C:\windows\system32\SynCOM.dll
2012-12-07 12:24:33 ----D---- C:\windows\SoftwareDistribution
2012-12-05 18:51:18 ----SD---- C:\ProgramData\Microsoft
2012-12-05 18:51:18 ----D---- C:\Program Files (x86)\Microsoft
2012-12-02 12:38:07 ----D---- C:\windows\rescache
2012-11-30 08:32:16 ----D---- C:\windows\winsxs
2012-11-30 08:31:16 ----D---- C:\windows\AppPatch
2012-11-30 01:53:29 ----A---- C:\windows\win.ini
2012-11-29 10:12:37 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2012-11-25 11:57:57 ----D---- C:\windows\Microsoft.NET
2012-11-25 11:57:31 ----RSD---- C:\windows\assembly
2012-11-25 11:15:27 ----RSD---- C:\windows\Fonts
2012-11-25 11:15:17 ----D---- C:\windows\ShellNew
2012-11-25 11:14:21 ----D---- C:\Program Files (x86)\Microsoft Office
2012-11-25 11:14:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-11-24 19:20:33 ----D---- C:\windows\Help
2012-11-24 19:18:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-24 13:44:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-19 19:43:56 ----D---- C:\windows\Panther
2012-11-19 19:43:48 ----D---- C:\windows\Logs
2012-11-19 19:43:47 ----D---- C:\windows\debug
2012-11-19 19:42:29 ----D---- C:\Program Files
2012-11-16 11:19:15 ----D---- C:\Program Files (x86)\EA SPORTS
2012-11-16 11:04:27 ----D---- C:\ProgramData\WinZip
2012-11-16 07:32:32 ----D---- C:\windows\SYSWOW64\en-US
2012-11-16 07:32:31 ----D---- C:\windows\system32\en-US
2012-11-16 07:32:31 ----D---- C:\windows\system32\drivers\en-US
2012-11-16 07:32:29 ----D---- C:\windows\SYSWOW64\migration
2012-11-16 07:32:29 ----D---- C:\windows\system32\migration
2012-11-16 07:32:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 07:32:28 ----D---- C:\Program Files\Internet Explorer
2012-11-15 23:32:33 ----A---- C:\windows\system32\MRT.exe
2012-11-15 21:48:18 ----D---- C:\windows\system32\sk-SK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-02-28 29976]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [2010-08-09 945200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-08-13 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110323.001\IDSvia64.sys [2011-03-23 476792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-02-28 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 9263104]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 300544]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\windows\system32\DRIVERS\stwrt64.sys [2012-07-11 535040]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2012-04-19 174200]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-12-07 448312]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-09 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS [2010-08-13 117808]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS [2010-08-13 1791536]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [2011-03-31 744568]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2012-07-11 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-05-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-02-28 31000]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2012-07-11 308736]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 250808]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-09 464440]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-04-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 10 pro 2012 23:21

Dvouklikem na soubor C:\Program Files\trend micro\HP.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

zeroboyko · #11 Příspěvek od **zeroboyko** » 12 pro 2012 20:45

book už ide rýchlejšie...dakujem...ešte nejake odporučania?

#12 Příspěvek od **Rudy** » 12 pro 2012 21:43

Mělo by to být vše. Nemáte zač!

VIRY.CZ

Pomalý notebook

Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook