Zdravím,
Chtěl bych poprosit o kontrolu logu. Od mailového providera jsem dostal info, že mi pravděpodobně sídlí v pc nějaký čmuchal, tak jestli by jste mi to pomohli prověřit?
Moc děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by user at 2013-10-30 11:53:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 227 GB (77%) free of 293 GB
Total RAM: 3767 MB (59% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2f3a60bb-2a30-4b98-92a7-b25661535c7a -SystemEventPortName:HostProcess-302c401c-9be6-4580-abfd-e193546c581d -IoCancelEventPortName:HostProcess-08db3870-fd9d-4e33-9705-c070757552e4 -NonStateChangingEventPortName:HostProcess-4cfea477-3c3d-45cf-a804-994baa5921db -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3bad7aef-34c1-49a2-afa9-8fc2dc55c781 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 26064176
\??\C:\Windows\system32\conhost.exe "-959009988-1453469777-608614322335955638-136748802146828219413989026851001994983
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Protector Suite\upeksvr.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\OneClickInternet\WTGService.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
WLIDSvcM.exe 2324
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {65626679-3FDA-4712-BBF7-35B38F85DEEA}
C:\Windows\Explorer.EXE
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
/Device:000000a5
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -restart /WERRESTART
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b92e3ab0-3b3f-4864-8b2e-4a235915e8bf -SystemEventPortName:HostProcess-298ceb11-26bf-4915-bccf-4902cf7d81b4 -IoCancelEventPortName:HostProcess-15581afd-f813-48b9-93d0-9b94e26f13fc -NonStateChangingEventPortName:HostProcess-f68701ba-b0ac-4923-99ea-363751aedd7f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ecabd76-6f67-4cbf-8b14-bfbe15d566db -DeviceGroupId:WpdFsGroup
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Protector Suite\psqltray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3668 CREDAT:267522 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {EE7EB75C-06CA-49E3-B60C-3625DF62465C}
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Sony\VAIO Update\VUAgent.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-691644643-3994790338-489463159-10031_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-691644643-3994790338-489463159-10031 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
taskeng.exe {587FE563-8CCE-416C-9A3C-90B6AE962FC5}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\System32\vds.exe
"F:\RSITx64.exe"
wmiadap.exe /F /T /R
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-29 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-14 194640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-01-19 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-14 194640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-11-02 16395880]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-07 9636896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-02 1861416]
"PSQLLauncher"=C:\Program Files\Protector Suite\launcher.exe [2009-07-20 84744]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-06 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-06 390680]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-06 410136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-19 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-17 538472]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2010-01-19 26624]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2010-01-19 149280]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-06 268800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\Protector Suite\psqlpwd.dll [2009-07-20 135944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-30 11:53:31 ----D---- C:\rsit
2013-10-30 11:53:31 ----D---- C:\Program Files\trend micro
2013-10-22 14:28:52 ----D---- C:\Program Files\McAfee Security Scan
2013-10-15 05:57:29 ----D---- C:\Program Files (x86)\GUM1038.tmp
2013-10-15 05:57:29 ----A---- C:\Program Files (x86)\GUT1039.tmp
2013-10-15 02:39:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-15 02:39:10 ----A---- C:\Windows\system32\ieui.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 02:39:08 ----A---- C:\Windows\system32\iesetup.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\iernonce.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-15 02:39:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-15 02:39:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-15 02:39:06 ----A---- C:\Windows\system32\iertutil.dll
2013-10-15 02:39:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-15 02:39:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-15 02:39:05 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-15 02:39:05 ----A---- C:\Windows\system32\jscript.dll
2013-10-15 02:39:04 ----A---- C:\Windows\system32\jscript9.dll
2013-10-15 02:39:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-15 02:39:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-15 02:39:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-15 02:39:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-15 02:39:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-15 02:38:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-15 02:38:59 ----A---- C:\Windows\system32\wininet.dll
2013-10-15 02:38:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-15 02:38:57 ----A---- C:\Windows\system32\ieframe.dll
2013-10-15 02:38:55 ----A---- C:\Windows\system32\mshtml.dll
2013-10-15 02:38:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-14 15:50:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-14 15:50:31 ----A---- C:\Windows\system32\comctl32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\lpk.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\fontsub.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\dciman32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\atmlib.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\atmfd.dll
2013-10-14 15:50:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-14 15:50:25 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-14 15:50:25 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-14 15:50:23 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-14 15:50:23 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-14 15:50:21 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-14 15:50:21 ----A---- C:\Windows\system32\davclnt.dll
2013-10-14 15:50:18 ----A---- C:\Windows\system32\mswsock.dll
2013-10-14 15:50:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-14 15:50:18 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-14 15:50:17 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-14 15:50:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-14 15:50:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-14 15:50:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-14 15:50:01 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-14 15:50:01 ----A---- C:\Windows\system32\advapi32.dll
2013-10-14 15:50:00 ----A---- C:\Windows\system32\tdh.dll
2013-10-14 15:50:00 ----A---- C:\Windows\system32\ntdll.dll
2013-10-14 15:49:59 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-14 15:49:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-14 15:49:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-14 15:49:58 ----A---- C:\Windows\system32\wow64.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-14 15:49:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-14 15:49:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-14 15:49:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-14 15:49:36 ----A---- C:\Windows\system32\scavengeui.dll
======List of files/folders modified in the last 1 month======
2013-10-30 11:53:31 ----RD---- C:\Program Files
2013-10-30 11:52:17 ----D---- C:\Windows\System32
2013-10-30 11:36:39 ----D---- C:\Windows\Temp
2013-10-30 11:36:36 ----D---- C:\Windows\system32\config
2013-10-30 11:35:31 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-30 10:22:12 ----D---- C:\Windows\inf
2013-10-30 10:22:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-30 10:17:17 ----SHD---- C:\Config.Msi
2013-10-30 10:16:32 ----D---- C:\Windows\system32\appmgmt
2013-10-30 10:16:31 ----SHD---- C:\Windows\Installer
2013-10-30 10:12:59 ----HD---- C:\ProgramData
2013-10-30 10:12:59 ----D---- C:\ProgramData\Symantec
2013-10-30 10:12:59 ----D---- C:\Program Files (x86)\Symantec
2013-10-30 10:12:40 ----D---- C:\Program Files\Common Files
2013-10-30 10:12:39 ----D---- C:\Windows\system32\drivers
2013-10-30 10:12:30 ----D---- C:\Windows\SysWOW64
2013-10-30 10:12:28 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-30 10:10:50 ----SHD---- C:\System Volume Information
2013-10-23 02:16:22 ----D---- C:\Windows\Prefetch
2013-10-22 14:28:51 ----RD---- C:\Program Files (x86)
2013-10-16 17:31:46 ----D---- C:\Windows\rescache
2013-10-15 03:10:15 ----D---- C:\Windows\Microsoft.NET
2013-10-15 03:10:00 ----RSD---- C:\Windows\assembly
2013-10-15 03:00:49 ----D---- C:\Windows\winsxs
2013-10-15 02:59:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-15 02:59:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-15 02:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-15 02:57:26 ----D---- C:\Program Files\Internet Explorer
2013-10-15 02:57:22 ----D---- C:\Windows\AppPatch
2013-10-15 02:57:20 ----D---- C:\Windows\system32\DriverStore
2013-10-15 02:41:22 ----D---- C:\ProgramData\Microsoft Help
2013-10-15 02:39:33 ----D---- C:\Windows\system32\catroot
2013-10-15 02:39:32 ----D---- C:\Windows\system32\catroot2
2013-10-15 02:11:14 ----D---- C:\Windows\system32\MRT
2013-10-15 02:11:12 ----A---- C:\Windows\system32\MRT.exe
2013-10-15 02:03:09 ----D---- C:\Windows\system32\cs-CZ
2013-10-14 15:44:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-10-02 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 shpf;Sony HDD Protection Filter Driver; C:\Windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-10-29 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-10-29 76800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-06 7841568]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-11-11 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-07 2212640]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-08-06 244736]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-10-08 62464]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2009-11-02 293936]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-09 1542656]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-18 21160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-11-09 84512]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225); C:\Windows\system32\DRIVERS\qcfilterSny2k.sys [2009-12-03 6400]
S3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225); C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys [2009-12-03 240640]
S3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225); C:\Windows\system32\DRIVERS\qcusbserSny2k.sys [2009-12-03 121216]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-20 30312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 1420560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-02 392296]
R2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony); C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-03 330488]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 831760]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2010-05-28 205168]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-01-29 822784]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 WTGService;WTGService; C:\Program Files (x86)\OneClickInternet\WTGService.exe [2009-10-29 312784]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-14 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-02 194032]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-09 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pravděpodobný malware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119531
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pravděpodobný malware
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pravděpodobný malware
Příkládám log,
Děkuji
# AdwCleaner v3.003 - Report created 30/10/2013 at 13:07:57
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : User - SE-VAIO
# Running from : F:\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\TPNKA~1\AppData\Local\Temp\boost_interprocess
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
*************************
AdwCleaner[R0].txt - [724 octets] - [30/10/2013 13:07:02]
AdwCleaner[S0].txt - [654 octets] - [30/10/2013 13:07:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [713 octets] ##########
Děkuji
# AdwCleaner v3.003 - Report created 30/10/2013 at 13:07:57
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : User - SE-VAIO
# Running from : F:\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\TPNKA~1\AppData\Local\Temp\boost_interprocess
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
*************************
AdwCleaner[R0].txt - [724 octets] - [30/10/2013 13:07:02]
AdwCleaner[S0].txt - [654 octets] - [30/10/2013 13:07:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [713 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119531
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pravděpodobný malware
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pravděpodobný malware
Nový log
Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2013-10-30 13:49:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 226 GB (77%) free of 293 GB
Total RAM: 3767 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:56, on 30.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\Štěpánka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Gobi 2000 Download Service (Sony) (QDLService2kSony) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\snac64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTGService - Unknown owner - C:\Program Files (x86)\OneClickInternet\WTGService.exe
--
End of file - 13165 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-36228627-33bd-4c52-b4c4-7098b9997071 -SystemEventPortName:HostProcess-9967f44f-45bf-4f5f-ac66-8429d45aac08 -IoCancelEventPortName:HostProcess-beaea3ff-a01b-42ab-8e8f-f7c191b357b0 -NonStateChangingEventPortName:HostProcess-0aa83639-136a-43df-90b1-59dc453ec8db -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ea161867-5eb6-486d-8041-7f8113814587 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 28437248
\??\C:\Windows\system32\conhost.exe "-1193799321559717833353001181967342375-1958977324-9385933577376521126101624
taskeng.exe {92341B7F-8DED-40ED-BDA8-4310103B2771}
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe" /s "Symantec Endpoint Protection" /m "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\sms.dll" /prefetch:1
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\OneClickInternet\WTGService.exe"
WLIDSvcM.exe 2516
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe" /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bca70ab4-7b6d-4827-ade4-714a36d8f02f -SystemEventPortName:HostProcess-216a1285-7d0e-4221-b390-8c8a08c48a12 -IoCancelEventPortName:HostProcess-26d9e9d5-636b-4b0b-8d96-40d76953a98b -NonStateChangingEventPortName:HostProcess-bc465236-a433-4beb-8f7c-302a8a2aa9a6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:63e8133b-d320-4ce3-bbbd-8e5964686d4c -DeviceGroupId:WpdFsGroup
"C:\Program Files\Protector Suite\upeksvr.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe" /u /c /a /s "UserSession"
taskeng.exe {C2EDF58B-5599-43F0-BBE1-13835CF1FFFB}
/Device:000000a5
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Protector Suite\psqltray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {68AE57CA-6004-4B1A-9F0C-0E2365D78B41}
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Update\VUAgent.exe"
taskmgr.exe /2
C:\Windows\System32\svchost.exe -k WerSvcGroup
"F:\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-29 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Vulnerability Protection - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL [2013-05-30 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-14 194640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-01-19 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-14 194640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-11-02 16395880]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-07 9636896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-02 1861416]
"PSQLLauncher"=C:\Program Files\Protector Suite\launcher.exe [2009-07-20 84744]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-06 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-06 390680]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-06 410136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-19 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-17 538472]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2010-01-19 26624]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2010-01-19 149280]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-06 268800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\Protector Suite\psqlpwd.dll [2009-07-20 135944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-30 13:48:15 ----D---- C:\rsit
2013-10-30 13:31:48 ----D---- C:\Program Files\AuthenTec
2013-10-30 13:30:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-30 13:30:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-30 13:30:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-10-30 13:30:55 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-10-30 13:30:55 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\wksprtPS.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\wksprt.exe
2013-10-30 13:30:51 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-10-30 13:30:51 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\tsgqec.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\rdpudd.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\aaclient.dll
2013-10-30 13:30:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-10-30 13:30:50 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-10-30 13:30:50 ----A---- C:\Windows\system32\rdpcorets.dll
2013-10-30 13:30:50 ----A---- C:\Windows\system32\mstscax.dll
2013-10-30 13:30:50 ----A---- C:\Windows\system32\mstsc.exe
2013-10-30 13:29:56 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-10-30 13:29:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-10-30 13:29:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-10-30 13:29:56 ----A---- C:\Windows\system32\schannel.dll
2013-10-30 13:29:56 ----A---- C:\Windows\system32\lsasrv.dll
2013-10-30 13:29:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-10-30 13:29:56 ----A---- C:\Windows\system32\drivers\cng.sys
2013-10-30 13:29:54 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-10-30 13:29:54 ----A---- C:\Windows\system32\qdvd.dll
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-30 13:06:54 ----D---- C:\AdwCleaner
2013-10-30 12:48:21 ----D---- C:\Program Files\Symantec
2013-10-30 12:48:21 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-10-30 12:48:21 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\sysferThunk.dll
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\SymVPN.dll
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\snacnp.dll
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\FwsVpn.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\SymVPN.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\snacnp.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\FwsVpn.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\drivers\WGX64.SYS
2013-10-30 12:45:49 ----A---- C:\Windows\SYSWOW64\sysfer.dll
2013-10-30 12:45:49 ----A---- C:\Windows\system32\sysferThunk.dll
2013-10-30 12:45:49 ----A---- C:\Windows\system32\sysfer.dll
2013-10-30 12:45:49 ----A---- C:\Windows\system32\drivers\SysPlant.sys
2013-10-30 12:45:36 ----D---- C:\ProgramData\regid.1992-12.com.symantec
2013-10-30 12:45:11 ----D---- C:\Windows\system32\drivers\SEP
2013-10-30 12:04:05 ----A---- C:\Windows\system32\s000000.dat
2013-10-30 11:53:31 ----D---- C:\Program Files\trend micro
2013-10-22 14:28:52 ----D---- C:\Program Files\McAfee Security Scan
2013-10-15 05:57:29 ----D---- C:\Program Files (x86)\GUM1038.tmp
2013-10-15 05:57:29 ----A---- C:\Program Files (x86)\GUT1039.tmp
2013-10-15 02:39:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-15 02:39:10 ----A---- C:\Windows\system32\ieui.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 02:39:08 ----A---- C:\Windows\system32\iesetup.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\iernonce.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-15 02:39:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-15 02:39:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-15 02:39:06 ----A---- C:\Windows\system32\iertutil.dll
2013-10-15 02:39:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-15 02:39:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-15 02:39:05 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-15 02:39:05 ----A---- C:\Windows\system32\jscript.dll
2013-10-15 02:39:04 ----A---- C:\Windows\system32\jscript9.dll
2013-10-15 02:39:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-15 02:39:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-15 02:39:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-15 02:39:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-15 02:39:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-15 02:38:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-15 02:38:59 ----A---- C:\Windows\system32\wininet.dll
2013-10-15 02:38:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-15 02:38:57 ----A---- C:\Windows\system32\ieframe.dll
2013-10-15 02:38:55 ----A---- C:\Windows\system32\mshtml.dll
2013-10-15 02:38:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-14 15:50:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-14 15:50:31 ----A---- C:\Windows\system32\comctl32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\lpk.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\fontsub.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\dciman32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\atmlib.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\atmfd.dll
2013-10-14 15:50:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-14 15:50:25 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-14 15:50:25 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-14 15:50:23 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-14 15:50:23 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-14 15:50:21 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-14 15:50:21 ----A---- C:\Windows\system32\davclnt.dll
2013-10-14 15:50:18 ----A---- C:\Windows\system32\mswsock.dll
2013-10-14 15:50:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-14 15:50:18 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-14 15:50:17 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-14 15:50:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-14 15:50:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-14 15:50:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-14 15:50:01 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-14 15:50:01 ----A---- C:\Windows\system32\advapi32.dll
2013-10-14 15:50:00 ----A---- C:\Windows\system32\tdh.dll
2013-10-14 15:50:00 ----A---- C:\Windows\system32\ntdll.dll
2013-10-14 15:49:59 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-14 15:49:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-14 15:49:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-14 15:49:58 ----A---- C:\Windows\system32\wow64.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-14 15:49:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-14 15:49:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-14 15:49:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-14 15:49:36 ----A---- C:\Windows\system32\scavengeui.dll
======List of files/folders modified in the last 1 month======
2013-10-30 13:49:25 ----D---- C:\Windows\Temp
2013-10-30 13:42:49 ----D---- C:\Windows
2013-10-30 13:42:47 ----D---- C:\Windows\system32\config
2013-10-30 13:42:46 ----D---- C:\Windows\winsxs
2013-10-30 13:42:21 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-30 13:40:57 ----SHD---- C:\System Volume Information
2013-10-30 13:38:10 ----D---- C:\Windows\system32\WinBioPlugIns
2013-10-30 13:38:10 ----D---- C:\Windows\system32\drivers\UMDF
2013-10-30 13:38:10 ----D---- C:\Windows\System32
2013-10-30 13:37:08 ----D---- C:\Windows\SYSWOW64\wbem
2013-10-30 13:37:08 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-30 13:37:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-10-30 13:37:08 ----D---- C:\Windows\SysWOW64
2013-10-30 13:37:07 ----D---- C:\Windows\system32\wbem
2013-10-30 13:37:07 ----D---- C:\Windows\system32\en-US
2013-10-30 13:37:07 ----D---- C:\Windows\system32\drivers\en-US
2013-10-30 13:37:07 ----D---- C:\Windows\system32\drivers
2013-10-30 13:37:07 ----D---- C:\Windows\system32\cs-CZ
2013-10-30 13:37:07 ----D---- C:\Windows\PolicyDefinitions
2013-10-30 13:37:05 ----D---- C:\Windows\system32\DriverStore
2013-10-30 13:37:00 ----D---- C:\Windows\inf
2013-10-30 13:31:48 ----RD---- C:\Program Files
2013-10-30 13:31:46 ----D---- C:\Windows\system32\catroot
2013-10-30 13:31:33 ----D---- C:\Windows\system32\catroot2
2013-10-30 13:18:14 ----SHD---- C:\Windows\Installer
2013-10-30 13:18:13 ----SHD---- C:\Config.Msi
2013-10-30 13:07:57 ----HD---- C:\ProgramData
2013-10-30 13:00:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-30 12:48:21 ----D---- C:\Program Files\Common Files
2013-10-30 12:45:03 ----D---- C:\ProgramData\Symantec
2013-10-30 10:16:32 ----D---- C:\Windows\system32\appmgmt
2013-10-30 10:12:59 ----D---- C:\Program Files (x86)\Symantec
2013-10-30 10:12:28 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-23 02:16:22 ----D---- C:\Windows\Prefetch
2013-10-22 14:28:51 ----RD---- C:\Program Files (x86)
2013-10-16 17:31:46 ----D---- C:\Windows\rescache
2013-10-15 03:10:15 ----D---- C:\Windows\Microsoft.NET
2013-10-15 03:10:00 ----RSD---- C:\Windows\assembly
2013-10-15 02:59:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-15 02:59:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-15 02:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-15 02:57:26 ----D---- C:\Program Files\Internet Explorer
2013-10-15 02:57:22 ----D---- C:\Windows\AppPatch
2013-10-15 02:41:22 ----D---- C:\ProgramData\Microsoft Help
2013-10-15 02:13:54 ----D---- C:\Windows\system32\MRT
2013-10-15 02:11:12 ----A---- C:\Windows\system32\MRT.exe
2013-10-14 15:44:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-10-02 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 shpf;Sony HDD Protection Filter Driver; C:\Windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
R0 SymDS;Symantec Data Store; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMDS64.SYS [2013-05-30 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMEFA64.SYS [2013-05-30 1139800]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20131024.011\BHDrvx64.sys [2013-10-28 1524824]
R1 ccSettings_{9AE22220-1F5C-4398-99A9-B2C0AC00138A};Symantec Endpoint Protection 12.1.3001.165.105 Settings Manager; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\ccSetx64.sys [2013-05-30 169048]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-10-30 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\IPSDefs\20131029.012\IDSVia64.sys [2013-10-29 521816]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SRTSP64.SYS [2013-05-30 796760]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SRTSPX64.SYS [2013-05-30 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\Ironx64.SYS [2013-05-30 224416]
R1 SYMNETS;Symantec Network Security WFP Driver; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMNETS.SYS [2013-05-30 433752]
R1 SysPlant;SysPlant for NT; C:\Windows\system32\Drivers\SysPlant.sys [2013-10-30 159472]
R1 Teefer2;Symantec Endpoint Protection Firewall; C:\Windows\system32\DRIVERS\Teefer.sys [2013-05-30 91944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-10-29 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-10-29 76800]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-10-30 140376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-06 7841568]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-11-11 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-07 2212640]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-08-06 244736]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-10-08 62464]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20131029.039\ENG64.SYS [2013-10-30 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20131029.039\EX64.SYS [2013-10-30 2099288]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-10-30 177312]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2009-11-02 293936]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-09 1542656]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-18 21160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-11-09 84512]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225); C:\Windows\system32\DRIVERS\qcfilterSny2k.sys [2009-12-03 6400]
S3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225); C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys [2009-12-03 240640]
S3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225); C:\Windows\system32\DRIVERS\qcusbserSny2k.sys [2009-12-03 121216]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SyDvCtrl;SyDvCtrl; \??\C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\SyDvCtrl64.sys [2013-05-30 34800]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-20 30312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 1420560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-02 392296]
R2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony); C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-03 330488]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 831760]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe [2013-05-30 144368]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2010-05-28 205168]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-01-29 822784]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
R3 SmcService;Symantec Management Client; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe [2013-05-30 2316184]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-14 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-02 194032]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 SNAC;Symantec Network Access Control; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\snac64.exe [2013-05-30 334736]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-09 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
-----------------EOF-----------------
Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2013-10-30 13:49:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 226 GB (77%) free of 293 GB
Total RAM: 3767 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:56, on 30.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\Štěpánka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Gobi 2000 Download Service (Sony) (QDLService2kSony) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\snac64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTGService - Unknown owner - C:\Program Files (x86)\OneClickInternet\WTGService.exe
--
End of file - 13165 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-36228627-33bd-4c52-b4c4-7098b9997071 -SystemEventPortName:HostProcess-9967f44f-45bf-4f5f-ac66-8429d45aac08 -IoCancelEventPortName:HostProcess-beaea3ff-a01b-42ab-8e8f-f7c191b357b0 -NonStateChangingEventPortName:HostProcess-0aa83639-136a-43df-90b1-59dc453ec8db -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ea161867-5eb6-486d-8041-7f8113814587 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 28437248
\??\C:\Windows\system32\conhost.exe "-1193799321559717833353001181967342375-1958977324-9385933577376521126101624
taskeng.exe {92341B7F-8DED-40ED-BDA8-4310103B2771}
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe" /s "Symantec Endpoint Protection" /m "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\sms.dll" /prefetch:1
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\OneClickInternet\WTGService.exe"
WLIDSvcM.exe 2516
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe" /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bca70ab4-7b6d-4827-ade4-714a36d8f02f -SystemEventPortName:HostProcess-216a1285-7d0e-4221-b390-8c8a08c48a12 -IoCancelEventPortName:HostProcess-26d9e9d5-636b-4b0b-8d96-40d76953a98b -NonStateChangingEventPortName:HostProcess-bc465236-a433-4beb-8f7c-302a8a2aa9a6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:63e8133b-d320-4ce3-bbbd-8e5964686d4c -DeviceGroupId:WpdFsGroup
"C:\Program Files\Protector Suite\upeksvr.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe" /u /c /a /s "UserSession"
taskeng.exe {C2EDF58B-5599-43F0-BBE1-13835CF1FFFB}
/Device:000000a5
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Protector Suite\psqltray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {68AE57CA-6004-4B1A-9F0C-0E2365D78B41}
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Update\VUAgent.exe"
taskmgr.exe /2
C:\Windows\System32\svchost.exe -k WerSvcGroup
"F:\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-29 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Vulnerability Protection - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\bin\IPS\IPSBHO.DLL [2013-05-30 387040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-14 194640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-01-19 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-14 194640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-11-02 16395880]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-07 9636896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-02 1861416]
"PSQLLauncher"=C:\Program Files\Protector Suite\launcher.exe [2009-07-20 84744]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-06 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-06 390680]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-06 410136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-19 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-17 538472]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2010-01-19 26624]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2010-01-19 149280]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-06 268800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\Protector Suite\psqlpwd.dll [2009-07-20 135944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-30 13:48:15 ----D---- C:\rsit
2013-10-30 13:31:48 ----D---- C:\Program Files\AuthenTec
2013-10-30 13:30:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-30 13:30:59 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-30 13:30:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-10-30 13:30:55 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-10-30 13:30:55 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-10-30 13:30:51 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\wksprtPS.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\wksprt.exe
2013-10-30 13:30:51 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-10-30 13:30:51 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\tsgqec.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\rdpudd.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-10-30 13:30:51 ----A---- C:\Windows\system32\aaclient.dll
2013-10-30 13:30:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-10-30 13:30:50 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-10-30 13:30:50 ----A---- C:\Windows\system32\rdpcorets.dll
2013-10-30 13:30:50 ----A---- C:\Windows\system32\mstscax.dll
2013-10-30 13:30:50 ----A---- C:\Windows\system32\mstsc.exe
2013-10-30 13:29:56 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-10-30 13:29:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-10-30 13:29:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-10-30 13:29:56 ----A---- C:\Windows\system32\schannel.dll
2013-10-30 13:29:56 ----A---- C:\Windows\system32\lsasrv.dll
2013-10-30 13:29:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-10-30 13:29:56 ----A---- C:\Windows\system32\drivers\cng.sys
2013-10-30 13:29:54 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-10-30 13:29:54 ----A---- C:\Windows\system32\qdvd.dll
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-30 13:17:16 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-30 13:06:54 ----D---- C:\AdwCleaner
2013-10-30 12:48:21 ----D---- C:\Program Files\Symantec
2013-10-30 12:48:21 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-10-30 12:48:21 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\sysferThunk.dll
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\SymVPN.dll
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\snacnp.dll
2013-10-30 12:45:50 ----A---- C:\Windows\SYSWOW64\FwsVpn.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\SymVPN.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\snacnp.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\FwsVpn.dll
2013-10-30 12:45:50 ----A---- C:\Windows\system32\drivers\WGX64.SYS
2013-10-30 12:45:49 ----A---- C:\Windows\SYSWOW64\sysfer.dll
2013-10-30 12:45:49 ----A---- C:\Windows\system32\sysferThunk.dll
2013-10-30 12:45:49 ----A---- C:\Windows\system32\sysfer.dll
2013-10-30 12:45:49 ----A---- C:\Windows\system32\drivers\SysPlant.sys
2013-10-30 12:45:36 ----D---- C:\ProgramData\regid.1992-12.com.symantec
2013-10-30 12:45:11 ----D---- C:\Windows\system32\drivers\SEP
2013-10-30 12:04:05 ----A---- C:\Windows\system32\s000000.dat
2013-10-30 11:53:31 ----D---- C:\Program Files\trend micro
2013-10-22 14:28:52 ----D---- C:\Program Files\McAfee Security Scan
2013-10-15 05:57:29 ----D---- C:\Program Files (x86)\GUM1038.tmp
2013-10-15 05:57:29 ----A---- C:\Program Files (x86)\GUT1039.tmp
2013-10-15 02:39:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-15 02:39:10 ----A---- C:\Windows\system32\ieui.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-15 02:39:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 02:39:08 ----A---- C:\Windows\system32\iesetup.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\iernonce.dll
2013-10-15 02:39:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-15 02:39:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-15 02:39:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-15 02:39:06 ----A---- C:\Windows\system32\iertutil.dll
2013-10-15 02:39:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-15 02:39:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-15 02:39:05 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-15 02:39:05 ----A---- C:\Windows\system32\jscript.dll
2013-10-15 02:39:04 ----A---- C:\Windows\system32\jscript9.dll
2013-10-15 02:39:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-15 02:39:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-15 02:39:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-15 02:39:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-15 02:39:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-15 02:38:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-15 02:38:59 ----A---- C:\Windows\system32\wininet.dll
2013-10-15 02:38:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-15 02:38:57 ----A---- C:\Windows\system32\ieframe.dll
2013-10-15 02:38:55 ----A---- C:\Windows\system32\mshtml.dll
2013-10-15 02:38:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-14 15:50:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-14 15:50:31 ----A---- C:\Windows\system32\comctl32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-14 15:50:27 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\lpk.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\fontsub.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\dciman32.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\atmlib.dll
2013-10-14 15:50:27 ----A---- C:\Windows\system32\atmfd.dll
2013-10-14 15:50:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-14 15:50:25 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-14 15:50:25 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-14 15:50:23 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-14 15:50:23 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-14 15:50:21 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-14 15:50:21 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-14 15:50:21 ----A---- C:\Windows\system32\davclnt.dll
2013-10-14 15:50:18 ----A---- C:\Windows\system32\mswsock.dll
2013-10-14 15:50:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-14 15:50:18 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-14 15:50:17 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-14 15:50:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-14 15:50:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-14 15:50:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-14 15:50:01 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-14 15:50:01 ----A---- C:\Windows\system32\advapi32.dll
2013-10-14 15:50:00 ----A---- C:\Windows\system32\tdh.dll
2013-10-14 15:50:00 ----A---- C:\Windows\system32\ntdll.dll
2013-10-14 15:49:59 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-14 15:49:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-14 15:49:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-14 15:49:58 ----A---- C:\Windows\system32\wow64.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-14 15:49:57 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-14 15:49:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-14 15:49:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-14 15:49:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-14 15:49:36 ----A---- C:\Windows\system32\scavengeui.dll
======List of files/folders modified in the last 1 month======
2013-10-30 13:49:25 ----D---- C:\Windows\Temp
2013-10-30 13:42:49 ----D---- C:\Windows
2013-10-30 13:42:47 ----D---- C:\Windows\system32\config
2013-10-30 13:42:46 ----D---- C:\Windows\winsxs
2013-10-30 13:42:21 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-30 13:40:57 ----SHD---- C:\System Volume Information
2013-10-30 13:38:10 ----D---- C:\Windows\system32\WinBioPlugIns
2013-10-30 13:38:10 ----D---- C:\Windows\system32\drivers\UMDF
2013-10-30 13:38:10 ----D---- C:\Windows\System32
2013-10-30 13:37:08 ----D---- C:\Windows\SYSWOW64\wbem
2013-10-30 13:37:08 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-30 13:37:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-10-30 13:37:08 ----D---- C:\Windows\SysWOW64
2013-10-30 13:37:07 ----D---- C:\Windows\system32\wbem
2013-10-30 13:37:07 ----D---- C:\Windows\system32\en-US
2013-10-30 13:37:07 ----D---- C:\Windows\system32\drivers\en-US
2013-10-30 13:37:07 ----D---- C:\Windows\system32\drivers
2013-10-30 13:37:07 ----D---- C:\Windows\system32\cs-CZ
2013-10-30 13:37:07 ----D---- C:\Windows\PolicyDefinitions
2013-10-30 13:37:05 ----D---- C:\Windows\system32\DriverStore
2013-10-30 13:37:00 ----D---- C:\Windows\inf
2013-10-30 13:31:48 ----RD---- C:\Program Files
2013-10-30 13:31:46 ----D---- C:\Windows\system32\catroot
2013-10-30 13:31:33 ----D---- C:\Windows\system32\catroot2
2013-10-30 13:18:14 ----SHD---- C:\Windows\Installer
2013-10-30 13:18:13 ----SHD---- C:\Config.Msi
2013-10-30 13:07:57 ----HD---- C:\ProgramData
2013-10-30 13:00:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-30 12:48:21 ----D---- C:\Program Files\Common Files
2013-10-30 12:45:03 ----D---- C:\ProgramData\Symantec
2013-10-30 10:16:32 ----D---- C:\Windows\system32\appmgmt
2013-10-30 10:12:59 ----D---- C:\Program Files (x86)\Symantec
2013-10-30 10:12:28 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-23 02:16:22 ----D---- C:\Windows\Prefetch
2013-10-22 14:28:51 ----RD---- C:\Program Files (x86)
2013-10-16 17:31:46 ----D---- C:\Windows\rescache
2013-10-15 03:10:15 ----D---- C:\Windows\Microsoft.NET
2013-10-15 03:10:00 ----RSD---- C:\Windows\assembly
2013-10-15 02:59:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-15 02:59:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-15 02:57:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-15 02:57:26 ----D---- C:\Program Files\Internet Explorer
2013-10-15 02:57:22 ----D---- C:\Windows\AppPatch
2013-10-15 02:41:22 ----D---- C:\ProgramData\Microsoft Help
2013-10-15 02:13:54 ----D---- C:\Windows\system32\MRT
2013-10-15 02:11:12 ----A---- C:\Windows\system32\MRT.exe
2013-10-14 15:44:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-10-02 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 shpf;Sony HDD Protection Filter Driver; C:\Windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
R0 SymDS;Symantec Data Store; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMDS64.SYS [2013-05-30 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMEFA64.SYS [2013-05-30 1139800]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\BASHDefs\20131024.011\BHDrvx64.sys [2013-10-28 1524824]
R1 ccSettings_{9AE22220-1F5C-4398-99A9-B2C0AC00138A};Symantec Endpoint Protection 12.1.3001.165.105 Settings Manager; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\ccSetx64.sys [2013-05-30 169048]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-10-30 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\IPSDefs\20131029.012\IDSVia64.sys [2013-10-29 521816]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SRTSP64.SYS [2013-05-30 796760]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SRTSPX64.SYS [2013-05-30 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\Ironx64.SYS [2013-05-30 224416]
R1 SYMNETS;Symantec Network Security WFP Driver; C:\Windows\system32\Drivers\SEP\0C010BB9\00A5.105\x64\SYMNETS.SYS [2013-05-30 433752]
R1 SysPlant;SysPlant for NT; C:\Windows\system32\Drivers\SysPlant.sys [2013-10-30 159472]
R1 Teefer2;Symantec Endpoint Protection Firewall; C:\Windows\system32\DRIVERS\Teefer.sys [2013-05-30 91944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-10-29 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-10-29 76800]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-10-30 140376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-06 7841568]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-11-11 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-07 2212640]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-08-06 244736]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-10-08 62464]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20131029.039\ENG64.SYS [2013-10-30 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Definitions\VirusDefs\20131029.039\EX64.SYS [2013-10-30 2099288]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-10-30 177312]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2009-11-02 293936]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-09 1542656]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-18 21160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-11-09 84512]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225); C:\Windows\system32\DRIVERS\qcfilterSny2k.sys [2009-12-03 6400]
S3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225); C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys [2009-12-03 240640]
S3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225); C:\Windows\system32\DRIVERS\qcusbserSny2k.sys [2009-12-03 121216]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SyDvCtrl;SyDvCtrl; \??\C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\SyDvCtrl64.sys [2013-05-30 34800]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-20 30312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 1420560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-02 392296]
R2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony); C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-03 330488]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 831760]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin\ccSvcHst.exe [2013-05-30 144368]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2010-05-28 205168]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-01-29 822784]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
R3 SmcService;Symantec Management Client; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\Smc.exe [2013-05-30 2316184]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-14 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-19 133104]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-02 194032]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 SNAC;Symantec Network Access Control; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Bin64\snac64.exe [2013-05-30 334736]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-09 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119531
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pravděpodobný malware
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Google\GoogleToolbarNotifier
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\s000000.dat
C:\Program Files (x86)\GUM1038.tmp
C:\Program Files (x86)\GUT1039.tmp
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?