Prosím o pomoc. Přikládám log dle návodu:
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2013-03-01 07:53:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 210 GB (74%) free of 285 GB
Total RAM: 3948 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:53:41, on 1.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\trend micro\admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... e&tid=3196
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... e&tid=3196
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Brrowse2save - {0F5F539C-A546-7826-3B6D-EC083487101F} - C:\ProgramData\Brrowse2save\512e6922e729b.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Blog This in Windows Live - {2adefb8e-b923-35e6-86e2-2b7841f5d2a2} - mscoree.dll (file missing)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [System32] C:\Users\admin\AppData\Roaming\System32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12419 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://search.certified-toolbar.com?si= ... e&tid=3196
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1868.1bb84f00.669584584 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 1868 "\\.\pipe\gecko-crash-server-pipe.1868" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe" --proxy-stub-channel=Flash1232.7308FFC0.8428 --host-broker-channel=Flash1232.7308FFC0.19313 --host-pid=1232 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe" --channel=1520.0067F50C.1939124536 --proxy-stub-channel=Flash1232.7308FFC0.8428 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll" --host-npapi-version=27 --type=renderer
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"c:\PROGRA~1\MICROS~3\msseces.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"C:\Users\admin\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F5F539C-A546-7826-3B6D-EC083487101F}]
Brrowse2save - C:\ProgramData\Brrowse2save\512e6922e729b.dll [2013-02-27 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2adefb8e-b923-35e6-86e2-2b7841f5d2a2}]
Blog This in Windows Live - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll [2013-02-01 512408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL [2012-06-21 210400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll [2013-02-01 512408]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-21 416024]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-07-29 2280232]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-28 11786344]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
"Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-08-02 1831016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-11-15 968592]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"System32"=C:\Users\admin\AppData\Roaming\System32.exe [2013-02-28 29756]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-12-14 512360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 389632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-03-01 07:53:28 ----D---- C:\Program Files\trend micro
2013-03-01 07:53:26 ----D---- C:\rsit
2013-03-01 07:13:00 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-01 07:13:00 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-02-28 21:03:40 ----A---- C:\Windows\ntbtlog.txt
2013-02-28 20:39:33 ----A---- C:\Users\admin\AppData\Roaming\shutd.bat
2013-02-28 20:38:56 ----A---- C:\Users\admin\AppData\Roaming\System32.exe
2013-02-28 19:23:05 ----A---- C:\Windows\system32\MRT.exe
2013-02-28 13:39:41 ----D---- C:\ProgramData\SoftSafe
2013-02-27 22:24:27 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 22:24:27 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 22:24:27 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 22:24:27 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 22:24:23 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 22:24:23 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 22:24:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 22:24:20 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 22:24:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 22:24:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 22:24:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 22:24:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 22:24:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 22:24:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 22:24:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 22:24:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 22:24:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 22:24:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 22:24:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 22:24:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 22:24:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 22:24:18 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 22:24:18 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 22:24:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 22:24:17 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 22:24:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 22:24:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 22:24:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 22:24:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 22:24:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 22:24:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 22:24:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 22:24:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 22:24:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 22:24:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 22:24:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 22:24:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 22:24:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 22:24:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 22:24:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 22:24:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 22:24:16 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 22:24:15 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-02-27 22:18:04 ----SHD---- C:\Windows\system32\%APPDATA%
2013-02-27 20:45:14 ----D---- C:\Users\admin\AppData\Roaming\Systweak
2013-02-27 20:45:13 ----A---- C:\Windows\system32\roboot64.exe
2013-02-27 20:44:52 ----D---- C:\Program Files (x86)\BrowseToSave
2013-02-27 20:44:41 ----D---- C:\ProgramData\Brrowse2save
2013-02-27 20:39:51 ----D---- C:\ProgramData\InstallMate
2013-02-26 08:35:23 ----D---- C:\Users\admin\AppData\Roaming\Nero
2013-02-13 20:23:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-13 20:23:48 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-13 20:23:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-13 20:23:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-13 20:23:46 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-13 20:23:46 ----A---- C:\Windows\system32\ieui.dll
2013-02-13 20:23:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-13 20:23:45 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-13 20:23:45 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-13 20:23:45 ----A---- C:\Windows\system32\urlmon.dll
2013-02-13 20:23:45 ----A---- C:\Windows\system32\url.dll
2013-02-13 20:23:44 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-13 20:23:44 ----A---- C:\Windows\system32\jscript9.dll
2013-02-13 20:23:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-13 20:23:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-13 20:23:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-13 20:23:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-13 20:23:42 ----A---- C:\Windows\system32\wininet.dll
2013-02-13 20:23:42 ----A---- C:\Windows\system32\vbscript.dll
2013-02-13 20:23:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-13 20:23:42 ----A---- C:\Windows\system32\jscript.dll
2013-02-13 20:23:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-13 20:23:41 ----A---- C:\Windows\system32\iertutil.dll
2013-02-13 20:23:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-13 20:23:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-13 20:23:35 ----A---- C:\Windows\system32\mshtml.dll
2013-02-13 20:23:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-13 20:23:34 ----A---- C:\Windows\system32\ieframe.dll
2013-02-13 19:39:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-13 19:39:57 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-13 19:39:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 19:38:33 ----A---- C:\Windows\system32\win32k.sys
2013-02-13 19:37:44 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-13 19:37:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-13 19:37:44 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-13 19:37:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-13 19:37:44 ----A---- C:\Windows\system32\winsrv.dll
2013-02-13 19:37:43 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-13 19:37:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 19:37:11 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-06 11:29:52 ----D---- C:\Users\admin\AppData\Roaming\WinLive
2013-02-06 11:29:51 ----D---- C:\Users\admin\AppData\Roaming\MCommon
2013-02-06 01:49:06 ----D---- C:\Program Files (x86)\WAVToMP3Converter
2013-02-06 01:46:48 ----D---- C:\Program Files (x86)\RelevantKnowledge
2013-02-06 01:46:24 ----D---- C:\Program Files (x86)\Convert WAV To MP3
======List of files/folders modified in the last 1 months======
2013-03-01 07:53:28 ----RD---- C:\Program Files
2013-03-01 07:53:25 ----D---- C:\Windows\Temp
2013-03-01 07:13:00 ----RD---- C:\Program Files (x86)
2013-03-01 07:13:00 ----D---- C:\Windows\system32\drivers
2013-03-01 06:50:33 ----D---- C:\Windows\system32\config
2013-03-01 06:50:31 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2013-02-28 21:03:40 ----D---- C:\Windows
2013-02-28 21:02:45 ----D---- C:\Users\admin\AppData\Roaming\Skype
2013-02-28 19:23:11 ----D---- C:\Windows\debug
2013-02-28 19:23:05 ----D---- C:\Windows\System32
2013-02-28 19:22:55 ----SHD---- C:\Windows\Installer
2013-02-28 19:22:55 ----D---- C:\Program Files (x86)\Microsoft Office
2013-02-28 19:22:47 ----SHD---- C:\System Volume Information
2013-02-28 19:11:15 ----D---- C:\Windows\Microsoft.NET
2013-02-28 19:11:14 ----RSD---- C:\Windows\assembly
2013-02-28 19:05:05 ----A---- C:\Windows\SYSWOW64\log.txt
2013-02-28 19:02:02 ----D---- C:\Windows\Minidump
2013-02-28 14:13:35 ----D---- C:\Windows\SysWOW64
2013-02-28 14:13:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-02-28 14:13:23 ----D---- C:\Windows\inf
2013-02-28 14:13:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-28 13:39:41 ----HD---- C:\ProgramData
2013-02-28 08:10:24 ----D---- C:\Windows\winsxs
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 08:09:35 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 08:09:33 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 08:09:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-02-28 08:09:31 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 08:09:31 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 08:09:31 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 08:09:31 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 08:09:31 ----D---- C:\Windows\SYSWOW64\en-US
2013-02-28 08:09:31 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 08:09:27 ----D---- C:\Windows\system32\zh-HK
2013-02-28 08:09:27 ----D---- C:\Windows\system32\pt-PT
2013-02-28 08:09:27 ----D---- C:\Windows\system32\pt-BR
2013-02-28 08:09:27 ----D---- C:\Windows\system32\pl-PL
2013-02-28 08:09:27 ----D---- C:\Windows\system32\nl-NL
2013-02-28 08:09:27 ----D---- C:\Windows\system32\ko-KR
2013-02-28 08:09:27 ----D---- C:\Windows\system32\it-IT
2013-02-28 08:09:27 ----D---- C:\Windows\system32\hu-HU
2013-02-28 08:09:27 ----D---- C:\Windows\system32\el-GR
2013-02-28 08:09:26 ----D---- C:\Windows\system32\zh-TW
2013-02-28 08:09:26 ----D---- C:\Windows\system32\tr-TR
2013-02-28 08:09:26 ----D---- C:\Windows\system32\sv-SE
2013-02-28 08:09:26 ----D---- C:\Windows\system32\fr-FR
2013-02-28 08:09:26 ----D---- C:\Windows\system32\fi-FI
2013-02-28 08:09:26 ----D---- C:\Windows\system32\es-ES
2013-02-28 08:09:25 ----D---- C:\Windows\system32\zh-CN
2013-02-28 08:09:25 ----D---- C:\Windows\system32\ru-RU
2013-02-28 08:09:25 ----D---- C:\Windows\system32\nb-NO
2013-02-28 08:09:25 ----D---- C:\Windows\system32\ja-JP
2013-02-28 08:09:25 ----D---- C:\Windows\system32\de-DE
2013-02-28 08:09:25 ----D---- C:\Windows\system32\cs-CZ
2013-02-28 08:09:24 ----D---- C:\Windows\system32\en-US
2013-02-28 08:09:24 ----D---- C:\Windows\system32\da-DK
2013-02-27 22:25:54 ----D---- C:\Windows\system32\catroot
2013-02-27 22:25:53 ----D---- C:\Windows\system32\catroot2
2013-02-27 22:15:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-27 21:00:19 ----D---- C:\Windows\system32\Tasks
2013-02-27 20:52:51 ----D---- C:\Windows\Tasks
2013-02-27 20:40:45 ----D---- C:\Windows\SoftwareDistribution
2013-02-25 18:08:16 ----D---- C:\Program Files (x86)\Video Web Camera
2013-02-14 11:52:37 ----D---- C:\Windows\system32\wdi
2013-02-14 07:57:48 ----D---- C:\Windows\AppPatch
2013-02-14 07:57:47 ----D---- C:\Windows\SYSWOW64\migration
2013-02-14 07:57:47 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 07:57:46 ----D---- C:\Windows\system32\migration
2013-02-14 07:57:45 ----D---- C:\Program Files\Internet Explorer
2013-02-13 20:29:37 ----D---- C:\ProgramData\Microsoft Help
2013-02-08 08:03:29 ----D---- C:\Windows\system32\drivers\NISx64
2013-02-06 01:46:19 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [2011-05-16 451192]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [2012-05-22 1129120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-09 2377216]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-16 51240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-07-29 1383472]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20120905.001\BHDrvx64.sys [2012-08-31 1385120]
S1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [2012-06-07 167072]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2012-09-06 484512]
S1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20120907.001\IDSvia64.sys [2012-09-01 513184]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [2012-07-06 37536]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [2012-04-18 190072]
S1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [2012-04-18 405624]
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-29 2819560]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120910.002\ENG64.SYS [2012-09-10 125600]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120910.002\EX64.SYS [2012-09-10 2084000]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [2012-07-06 737952]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2012-09-06 175736]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-08-03 16392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-08-02 872552]
S2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2011-05-30 36456]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
S2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2012-04-05 255376]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [2012-06-16 138272]
S2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2012-08-31 111664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-18 115608]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-06 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
Tak se omlouvám za spam, ale byla jsem z toho zoufalá.
Stahnete AdwCleaner 
Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) 
Přispějete na provoz fóra?