Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Díky za kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
vollf
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 15 srp 2014 10:30

Díky za kontrolu

#1 Příspěvek od vollf »

Ahoj,

prosím o kontrolu logů. Zobrazovaly se mi reklamy v prohlížečích, zkoušel jsem několik čištění dle návodů tady z fóra, ale nejsem si jistý, zda to stačilo.

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by mfanta at 2014-08-15 11:31:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 35 GB (35%) free of 102 GB
Total RAM: 3241 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:31:39, on 15.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\PdaNet for Android\PdaNetPC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\taskeng.exe
D:\Instal\AntiVir portable\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\mfanta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
O4 - HKLM\..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O15 - Trusted Zone: http://www.evropa2.cz
O16 - DPF: {7340F0E4-AEDA-47C6-8971-9DB314030BD7} (CAxH264Dec Class) - http://192.168.74.6/activex/decoder/h264_dec.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://192.168.140.6/activex/AMC.cab
O16 - DPF: {EA80AD01-A12C-4699-894C-5A87F929608A} (WebCamX Control) - http://88.103.127.198:8888/WebCamX.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pmu.local
O17 - HKLM\Software\..\Telephony: DomainName = pmu.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C695A7D-AEA8-426B-98FD-5FFBF6C692AB}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pmu.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pmu.local
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SEP - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll (file missing)
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 4b68701ac8b0fdf.exe - Unknown owner - C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: 8bfc24a7a4df867.exe - Unknown owner - C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DriverRegisterRepository.exe - Unknown owner - C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Services\IPT\jhi_service.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMotionSyntax.exe - Unknown owner - C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe (file missing)
O23 - Service: MagikSrv - ADVANteach s.r.o. - C:\Program files\MagikSrv\MagikSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files\O2 Internet\UpdateDog\ouc.exe
O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\system32\srvany.exe (file missing)
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

--
End of file - 14292 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\restart_new.job - \\servermu\Public\9MU_IT\restart.bat

=========Mozilla firefox=========

ProfilePath - C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=5.1.0.00000]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=5.5.0.00000]
"Description"=VMware VMRC Browser Plugin
"Path"=C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nplansweepershellexec.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default\extensions\
lansweeperplugin@lansweeper.com
LogMeInClient@logmein.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL [2011-09-17 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-15 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-05 501104]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2011-01-25 536668]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-28 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-28 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-28 176408]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2011-01-15 5955072]
"FreeFallProtection"=C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-04-22 686704]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-03-12 462993]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2010-04-29 50472]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-06-23 3816272]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-05-26 152392]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
""= []
"DellSystemDetect"=C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [2014-05-23 254976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2012-02-20 1666560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\mfanta\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
C:\Windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2013-11-28 6144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

C:\Users\mfanta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Android\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 293888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SEP]
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRecentDocsNetHood"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-15 11:26:33 ----D---- C:\FRST
2014-08-15 11:15:01 ----SHD---- C:\$RECYCLE.BIN
2014-08-15 11:11:58 ----A---- C:\Windows\zoek-delete.exe
2014-08-15 11:11:55 ----D---- C:\Windows\Temp
2014-08-15 10:19:27 ----D---- C:\zoek_backup
2014-08-15 10:07:36 ----A---- C:\Windows\system32\sqlite3.dll
2014-08-15 10:06:24 ----D---- C:\AdwCleaner
2014-08-15 09:51:15 ----D---- C:\Windows\ERUNT
2014-08-15 09:43:14 ----D---- C:\Program Files\trend micro
2014-08-15 09:43:13 ----D---- C:\rsit
2014-08-15 09:08:20 ----D---- C:\Users\mfanta\AppData\Roaming\Oracle
2014-08-15 09:07:24 ----D---- C:\Program Files\Common Files\Java
2014-08-15 09:07:06 ----A---- C:\Windows\system32\javaws.exe
2014-08-15 09:06:55 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-15 09:06:55 ----A---- C:\Windows\system32\javaw.exe
2014-08-15 09:06:55 ----A---- C:\Windows\system32\java.exe
2014-08-15 08:26:48 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-15 08:26:48 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-15 08:26:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-08-15 08:23:30 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 08:23:26 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 08:23:23 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 08:23:22 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 14:43:42 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 14:43:41 ----A---- C:\Windows\system32\win32k.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 14:43:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\cdd.dll
2014-08-14 14:43:40 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\msi.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\consent.exe
2014-08-14 14:43:34 ----A---- C:\Windows\system32\authui.dll
2014-08-14 14:43:31 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 14:43:31 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 14:43:31 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 14:43:31 ----A---- C:\Windows\system32\jscript.dll
2014-08-14 14:43:31 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 14:43:30 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 14:43:30 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 14:43:30 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 14:43:29 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\url.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\mshta.exe
2014-08-14 14:43:28 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-14 14:43:28 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 14:43:28 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 14:43:28 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 14:42:52 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-12 09:23:12 ----D---- C:\Windows\pss
2014-08-12 09:05:17 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-12 09:04:39 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wups2.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wucltux.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wups.dll
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wudriver.dll
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wuapi.dll
2014-08-01 10:53:27 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-01 10:53:27 ----A---- C:\Windows\system32\wuapp.exe
2014-07-30 09:40:33 ----D---- C:\Program Files\Mozilla Firefox
2014-07-17 10:34:52 ----A---- C:\Windows\system32\drivers\hcmon.sys
2014-07-17 10:31:30 ----D---- C:\Program Files\Common Files\VMware

======List of files/folders modified in the last 1 month======

2014-08-15 11:27:59 ----RD---- C:\Users
2014-08-15 11:26:36 ----D---- C:\Windows
2014-08-15 11:18:03 ----D---- C:\Windows\system32\config
2014-08-15 11:16:42 ----A---- C:\Windows\system32\log.txt
2014-08-15 11:15:05 ----D---- C:\Windows\system32\catroot2
2014-08-15 11:13:12 ----SHD---- C:\System Volume Information
2014-08-15 11:03:16 ----RD---- C:\Program Files
2014-08-15 11:03:16 ----HD---- C:\ProgramData
2014-08-15 11:03:16 ----D---- C:\Windows\system32\Tasks
2014-08-15 10:25:06 ----D---- C:\Windows\system32\drivers\etc
2014-08-15 10:19:29 ----D---- C:\Windows\System32
2014-08-15 09:07:38 ----D---- C:\ProgramData\Oracle
2014-08-15 09:07:24 ----SHD---- C:\Windows\Installer
2014-08-15 09:07:24 ----D---- C:\Program Files\Common Files
2014-08-15 09:06:13 ----D---- C:\Windows\Microsoft.NET
2014-08-15 09:06:10 ----RSD---- C:\Windows\assembly
2014-08-15 09:02:46 ----D---- C:\Windows\winsxs
2014-08-15 09:01:52 ----D---- C:\Windows\Prefetch
2014-08-15 08:59:47 ----D---- C:\Windows\system32\drivers
2014-08-15 08:58:32 ----D---- C:\Windows\ehome
2014-08-15 08:58:31 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 08:58:29 ----D---- C:\Windows\system32\migration
2014-08-15 08:58:28 ----D---- C:\Program Files\Internet Explorer
2014-08-15 08:58:22 ----RSD---- C:\Windows\Fonts
2014-08-15 08:29:46 ----D---- C:\ProgramData\Microsoft Help
2014-08-15 08:24:34 ----D---- C:\Windows\system32\catroot
2014-08-14 21:02:39 ----D---- C:\Windows\inf
2014-08-14 21:02:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-12 15:29:40 ----D---- C:\Windows\Tasks
2014-08-12 09:05:36 ----D---- C:\ProgramData\Malwarebytes
2014-08-11 09:18:26 ----D---- C:\Users\mfanta\AppData\Roaming\VMware
2014-08-02 17:49:04 ----D---- C:\Windows\rescache
2014-08-01 10:46:18 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-07-25 15:53:50 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-25 12:45:30 ----D---- C:\Program Files\Java
2014-07-17 10:34:49 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 17648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMDS.SYS [2011-07-16 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMEFA.SYS [2011-08-27 758904]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20140801.011\BHDrvx86.sys [2014-05-10 1101616]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-06-12 377648]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20140813.001\IDSvix86.sys [2014-05-13 395992]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2008-03-17 19584]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSP.SYS [2011-09-27 522872]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSPX.SYS [2011-09-27 31864]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\Ironx86.SYS [2011-09-13 137336]
R1 SYMNETS;Symantec Network Security WFP Driver; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMNETS.SYS [2011-09-08 299640]
R1 SysPlant;SysPlant for NT; C:\Windows\system32\Drivers\SysPlant.sys [2012-05-29 90032]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2008-06-19 306299]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-08-17 41936]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-04-18 36600]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 43888]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-04-05 295032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2011-02-08 349736]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-01-15 18496]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-01-15 4248128]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 144576]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-03-29 125328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-06-12 109872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-01-23 77696]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-06-10 10788352]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140814.025\NAVENG.SYS [2014-07-01 93272]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140814.025\NAVEX15.SYS [2014-07-01 1612376]
R3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\DRIVERS\O2MDRw7.sys [2011-01-05 62440]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7.sys [2011-03-23 63976]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-07-19 13312]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2011-01-25 435200]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2012-05-29 127096]
S0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BIFLAK;BIFLAK; \??\C:\PcScan\biflak.sys []
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys [2010-09-03 88064]
S3 bmdrvr;Modified Clusters Tracking Driver; C:\Windows\system32\drivers\bmdrvr.sys [2013-08-28 54992]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-09-02 302120]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-09-02 93224]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2011-09-02 114728]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-02 33832]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-02 18728]
S3 CtAudDrv;Provides advanced audio effects for audio devices.; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-02 57800]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-02 72520]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2010-10-08 25856]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2013-01-25 97408]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2013-01-23 27776]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2013-02-17 207360]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-01-23 199296]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 132480]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-12-30 94336]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7.sys [2011-01-04 60904]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RegFltrX86;RegFltrX86; \??\C:\Users\mfanta\AppData\Local\DriverRegisterRepository\RegFltrX86.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SyDvCtrl;SyDvCtrl; \??\C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SyDvCtrl32.sys [2011-10-30 23984]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-07-01 26624]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2011-08-19 26112]
S3 testousbser;testousbser; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2012-05-30 23600]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 127488]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-02-08 660768]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-06-19 1528608]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 375056]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-04 325656]
R2 MSSQL$SQLEXP_VIM;SQL Server (SQLEXP_VIM); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 MSSQL$SQLLANSWEEPER2K8;SQL Server (SQLLANSWEEPER2K8); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2010-02-11 72296]
R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe [2011-09-20 137224]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 47616]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 97624]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-25 274514]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 553288]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe [2011-10-30 1667328]
S2 4b68701ac8b0fdf.exe;4b68701ac8b0fdf.exe; C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe []
S2 8bfc24a7a4df867.exe;8bfc24a7a4df867.exe; C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe []
S2 DriverRegisterRepository.exe;DriverRegisterRepository.exe; C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-08 136176]
S2 LogMotionSyntax.exe;LogMotionSyntax.exe; C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe []
S2 MagikSrv;MagikSrv; C:\Program files\MagikSrv\MagikSrv.exe [2011-11-06 193112]
S2 MSSQL$MAGIKINFO;SQL Server (MAGIKINFO); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [2012-11-12 657504]
S2 O2SDIOAssist;O2SDIOAssist; c:\Windows\system32\srvany.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-08 136176]
S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-06-23 1889616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe [2011-10-30 280496]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-09-19 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLAgent$SQLLANSWEEPER2K8;SQL Server Agent (SQLLANSWEEPER2K8); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]

-----------------EOF-----------------


FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-08-2014
Ran by mfanta (administrator) on JILKOVA-NTB on 15-08-2014 11:26:52
Running from D:\Instal\AntiVir portable
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\Services\IPT\jhi_service.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Dell) C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\PdaNet for Android\PdaNetPC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SymCorpUI.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SmcGui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\SEP: C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll [X]
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll [X]
HKU\.DEFAULT\...\Run: [Samsung.PCSync] => C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2009-06-04] (Nokia)
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...\Run: [] => [X]
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...\Run: [DellSystemDetect] => C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-05-23] (Dell)
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...\MountPoints2: {a6983e5c-6942-11e3-b62f-d45593646d84} - E:\AutoRun.exe
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...\MountPoints2: {a6983e7e-6942-11e3-b62f-d45593646d84} - E:\AutoRun.exe
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...\MountPoints2: {d1b54d89-8ae5-11e2-b11f-d067e536d0c9} - E:\AutoRun.exe
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2403438089-738067901-2572150994-1173\...A8F59079A8D5}\localserver32: <==== ATTENTION!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\mfanta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\mfanta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet for Android\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {7340F0E4-AEDA-47C6-8971-9DB314030BD7} http://192.168.74.6/activex/decoder/h264_dec.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://192.168.140.6/activex/AMC.cab
DPF: {EA80AD01-A12C-4699-894C-5A87F929608A} http://88.103.127.198:8888/WebCamX.cab
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{3C695A7D-AEA8-426B-98FD-5FFBF6C692AB}: [NameServer]160.218.161.60 194.228.211.33

FireFox:
========
FF ProfilePath: C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nplansweepershellexec.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: LanSweeper Shellexec plugin - C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default\Extensions\lansweeperplugin@lansweeper.com [2012-03-22]
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default\Extensions\LogMeInClient@logmein.com [2014-06-13]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF [2013-10-04]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-10]
CHR Extension: (Google Drive) - C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-10]
CHR Extension: (YouTube) - C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-10]
CHR Extension: (Google Search) - C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-10]
CHR Extension: (Google Wallet) - C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-10]
CHR Extension: (Gmail) - C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-10]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [127488 2010-06-29] (Broadcom Corporation) [File not signed]
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-06-19] (Cisco Systems, Inc.)
S3 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1889616 2014-06-23] (LogMeIn Inc.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 jhi_service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [212944 2011-02-24] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.)
S2 MagikSrv; C:\Program files\MagikSrv\MagikSrv.exe [193112 2011-11-06] (ADVANteach s.r.o.)
S2 MSSQL$MAGIKINFO; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
R2 MSSQL$SQLEXP_VIM; C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
R2 MSSQL$SQLLANSWEEPER2K8; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [42773336 2010-09-17] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
S2 O2 Internet. RunOuc; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72296 2010-02-11] (O2Micro International)
R2 SepMasterService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe [137224 2011-09-20] (Symantec Corporation)
R3 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe [1667328 2011-10-30] (Symantec Corporation)
S3 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe [280496 2011-10-30] (Symantec Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S4 SQLAgent$SQLLANSWEEPER2K8; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [370008 2010-09-17] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [274514 2011-01-25] (IDT, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [715344 2013-08-17] (VMware, Inc.)
R2 vmware-converter-agent; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960 2014-06-10] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-06-10] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960 2014-06-10] (VMware, Inc.)
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5210112 2011-01-15] (Dell Inc.) [File not signed]
S2 4b68701ac8b0fdf.exe; C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe [X]
S2 8bfc24a7a4df867.exe; C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe [X]
S2 DriverRegisterRepository.exe; C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe [X]
S2 LogMotionSyntax.exe; C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe [X]
S2 O2SDIOAssist; c:\Windows\system32\srvany.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [43888 2010-12-13] (ST Microelectronics)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2011-01-15] (Broadcom Corporation)
R1 BHDrvx86; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20140801.011\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [88064 2010-09-03] (Broadcom Corporation)
S3 bmdrvr; C:\Windows\System32\drivers\bmdrvr.sys [54992 2013-08-28] (VMware, Inc.)
S3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-09-02] (Broadcom Corporation.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306299 2008-06-19] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-06-12] (Symantec Corporation)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [57800 2010-07-02] (FTDI Ltd.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41936 2013-08-17] (VMware, Inc.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [25856 2010-10-08] (Huawei Tech. Co., Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [97408 2013-01-25] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-01-23] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [207360 2013-02-17] (Huawei Technologies Co., Ltd.)
R1 IDSVix86; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20140813.001\IDSvix86.sys [395992 2014-05-13] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [94336 2012-12-30] (ITE )
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-20] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140814.025\NAVENG.SYS [93272 2014-07-01] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140814.025\NAVEX15.SYS [1612376 2014-07-01] (Symantec Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
S3 O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7.sys [60904 2011-01-04] (O2Micro )
R3 O2MDRRDR; C:\Windows\System32\DRIVERS\O2MDRw7.sys [62440 2011-01-05] (O2Micro )
R3 O2SDJRDR; C:\Windows\System32\DRIVERS\o2sdjw7.sys [63976 2011-03-23] (O2Micro )
R3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13312 2011-07-19] (June Fabrics Technology Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSP.SYS [522872 2011-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSPX.SYS [31864 2011-09-27] (Symantec Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17648 2010-08-20] (ST Microelectronics)
S3 SyDvCtrl; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SyDvCtrl32.sys [23984 2011-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x86\SYMDS.SYS [340088 2011-07-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x86\SYMEFA.SYS [758904 2011-08-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2012-05-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x86\Ironx86.SYS [137336 2011-09-13] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x86\SYMNETS.SYS [299640 2011-09-08] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [90032 2012-05-29] (Symantec Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-07-01] (The OpenVPN Project)
S3 testousbser; C:\Windows\System32\DRIVERS\usbser.sys [28160 2013-08-29] (Microsoft Corporation)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [23600 2012-05-30] (EnTech Taiwan) [File not signed]
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2013-08-17] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-08-28] (VMware, Inc.)
S3 BIFLAK; \??\C:\PcScan\biflak.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U3 hasplms;
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S0 PBADRV; system32\DRIVERS\PBADRV.sys [X]
S3 RegFltrX86; \??\C:\Users\mfanta\AppData\Local\DriverRegisterRepository\RegFltrX86.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-15 11:26 - 2014-08-15 11:26 - 00000000 ____D () C:\FRST
2014-08-15 11:23 - 2014-08-15 11:25 - 00029696 _____ () C:\Users\mfanta\AppData\Local\MSGBOX.EXE
2014-08-15 11:15 - 2014-08-15 11:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2014-08-15 11:11 - 2014-08-15 10:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-15 10:24 - 2014-08-15 11:14 - 00019405 _____ () C:\zoek-results.log
2014-08-15 10:19 - 2014-08-15 11:07 - 00000000 ____D () C:\zoek_backup
2014-08-15 10:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-15 10:06 - 2014-08-15 10:11 - 00000000 ____D () C:\AdwCleaner
2014-08-15 10:04 - 2014-08-15 10:04 - 00002080 _____ () C:\Users\mfanta\Desktop\JRT.txt
2014-08-15 09:51 - 2014-08-15 09:51 - 00000000 ____D () C:\Windows\ERUNT
2014-08-15 09:43 - 2014-08-15 09:43 - 00000000 ____D () C:\rsit
2014-08-15 09:43 - 2014-08-15 09:43 - 00000000 ____D () C:\Program Files\trend micro
2014-08-15 09:08 - 2014-08-15 09:08 - 00000000 ____D () C:\Users\mfanta\AppData\Roaming\Oracle
2014-08-15 09:07 - 2014-08-15 09:07 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-15 09:07 - 2014-08-15 09:06 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-15 09:06 - 2014-08-15 09:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-15 09:06 - 2014-08-15 09:06 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-15 09:06 - 2014-08-15 09:06 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-15 09:06 - 2014-08-15 09:06 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-15 08:26 - 2014-08-15 08:26 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-15 08:26 - 2014-08-15 08:26 - 00001069 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-15 08:26 - 2014-08-15 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-15 08:26 - 2014-08-15 08:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-15 08:26 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-15 08:26 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-15 08:23 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 08:23 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 08:23 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 08:23 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 14:43 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 14:43 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 14:43 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 14:43 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 14:43 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 14:43 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 14:43 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 14:43 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 14:43 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 14:43 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 14:43 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 14:43 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 14:43 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 14:43 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 14:43 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 14:43 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 14:43 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 14:43 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 14:43 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 14:43 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 14:43 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 14:43 - 2014-07-16 04:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 14:43 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 14:43 - 2014-07-16 03:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 14:43 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 14:43 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 14:43 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-14 14:43 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 14:43 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 14:43 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 14:43 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 14:43 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 14:42 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 14:42 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 14:42 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 14:42 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 14:42 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 14:42 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 14:42 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-12 10:02 - 2014-08-12 10:02 - 00000600 _____ () C:\Users\mfanta\AppData\Roaming\winscp.rnd
2014-08-12 09:23 - 2014-08-12 09:23 - 00000000 ____D () C:\Windows\pss
2014-08-12 09:05 - 2014-08-15 08:28 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 09:04 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 10:53 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 10:53 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 10:53 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 10:53 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 10:53 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 10:53 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 10:53 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 10:53 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 10:53 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-30 09:40 - 2014-07-30 09:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-25 13:32 - 2014-07-25 13:32 - 00000000 ____D () C:\Users\mfanta\AppData\Local\CheckCode
2014-07-17 10:34 - 2014-07-17 10:34 - 00002407 _____ () C:\Users\Public\Desktop\VMware vSphere Client.lnk
2014-07-17 10:34 - 2014-07-17 10:34 - 00002407 _____ () C:\ProgramData\Desktop\VMware vSphere Client.lnk
2014-07-17 10:34 - 2013-08-17 08:03 - 00041936 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2014-07-17 10:31 - 2014-07-17 10:31 - 00000000 ____D () C:\Program Files\Common Files\VMware

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-15 11:26 - 2014-08-15 11:26 - 00000000 ____D () C:\FRST
2014-08-15 11:25 - 2014-08-15 11:23 - 00029696 _____ () C:\Users\mfanta\AppData\Local\MSGBOX.EXE
2014-08-15 11:21 - 2009-07-14 06:34 - 00021312 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-15 11:21 - 2009-07-14 06:34 - 00021312 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-15 11:18 - 2014-01-28 20:00 - 00000000 ____D () C:\Users\mfanta\AppData\Local\LogMeIn Hamachi
2014-08-15 11:18 - 2011-09-02 22:48 - 01489114 _____ () C:\Windows\WindowsUpdate.log
2014-08-15 11:15 - 2014-08-15 11:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2014-08-15 11:14 - 2014-08-15 10:24 - 00019405 _____ () C:\zoek-results.log
2014-08-15 11:14 - 2012-06-28 07:28 - 00142724 _____ () C:\Windows\error.log
2014-08-15 11:14 - 2012-03-08 15:06 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-15 11:14 - 2011-09-12 15:13 - 00000112 _____ () C:\Windows\system32\config\netlogon.ftl
2014-08-15 11:14 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-15 11:13 - 2013-05-23 21:07 - 00157248 _____ () C:\Windows\PFRO.log
2014-08-15 11:13 - 2012-06-28 07:28 - 00132491 _____ () C:\Windows\setupact.log
2014-08-15 11:13 - 2012-06-28 07:28 - 00031158 _____ () C:\Windows\errord.log
2014-08-15 11:07 - 2014-08-15 10:19 - 00000000 ____D () C:\zoek_backup
2014-08-15 10:46 - 2012-04-05 07:34 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-15 10:19 - 2014-08-15 11:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-08-15 10:13 - 2012-03-08 15:06 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-15 10:12 - 2009-07-14 06:33 - 00341048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-15 10:11 - 2014-08-15 10:06 - 00000000 ____D () C:\AdwCleaner
2014-08-15 10:04 - 2014-08-15 10:04 - 00002080 _____ () C:\Users\mfanta\Desktop\JRT.txt
2014-08-15 09:51 - 2014-08-15 09:51 - 00000000 ____D () C:\Windows\ERUNT
2014-08-15 09:43 - 2014-08-15 09:43 - 00000000 ____D () C:\rsit
2014-08-15 09:43 - 2014-08-15 09:43 - 00000000 ____D () C:\Program Files\trend micro
2014-08-15 09:19 - 2011-12-28 11:44 - 00007630 _____ () C:\Users\mfanta\AppData\Local\Resmon.ResmonCfg
2014-08-15 09:08 - 2014-08-15 09:08 - 00000000 ____D () C:\Users\mfanta\AppData\Roaming\Oracle
2014-08-15 09:07 - 2014-08-15 09:07 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-15 09:07 - 2014-08-15 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-15 09:07 - 2014-05-15 09:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-15 09:06 - 2014-08-15 09:07 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-15 09:06 - 2014-08-15 09:06 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-15 09:06 - 2014-08-15 09:06 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-15 09:06 - 2014-08-15 09:06 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-08-15 09:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-15 08:29 - 2011-09-12 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 08:28 - 2014-08-12 09:05 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 08:26 - 2014-08-15 08:26 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-15 08:26 - 2014-08-15 08:26 - 00001069 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-15 08:26 - 2014-08-15 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-15 08:26 - 2014-08-15 08:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-14 21:02 - 2010-11-20 23:01 - 02048718 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-13 14:47 - 2011-09-19 11:20 - 00000600 _____ () C:\Users\mfanta\PUTTY.RND
2014-08-12 10:02 - 2014-08-12 10:02 - 00000600 _____ () C:\Users\mfanta\AppData\Roaming\winscp.rnd
2014-08-12 09:23 - 2014-08-12 09:23 - 00000000 ____D () C:\Windows\pss
2014-08-12 09:18 - 2014-06-05 06:43 - 00000000 ____D () C:\Users\pjilkova\AppData\Local\5c780fa3b5ff9decf22c2f3aac15e727
2014-08-12 09:05 - 2014-07-01 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-11 09:18 - 2011-11-04 15:50 - 00000000 ____D () C:\Users\mfanta\AppData\Roaming\VMware
2014-08-02 17:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-08-01 10:46 - 2012-05-02 12:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 09:40 - 2014-07-30 09:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-25 15:53 - 2011-09-02 23:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 13:32 - 2014-07-25 13:32 - 00000000 ____D () C:\Users\mfanta\AppData\Local\CheckCode
2014-07-25 12:45 - 2012-02-27 09:18 - 00000000 ____D () C:\Program Files\Java
2014-07-25 08:21 - 2011-09-02 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 20:07 - 2014-08-14 14:43 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 19:58 - 2014-08-14 14:43 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 19:57 - 2014-08-14 14:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 19:52 - 2014-08-14 14:43 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 19:51 - 2014-08-14 14:43 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 19:51 - 2014-08-14 14:43 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 19:50 - 2014-08-14 14:43 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 19:50 - 2014-08-14 14:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 19:49 - 2014-08-14 14:43 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 19:49 - 2014-08-14 14:43 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 19:49 - 2014-08-14 14:43 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 19:49 - 2014-08-14 14:43 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 19:49 - 2014-08-14 14:43 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 19:48 - 2014-08-14 14:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 19:48 - 2014-08-14 14:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 19:48 - 2014-08-14 14:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 19:48 - 2014-08-14 14:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 19:48 - 2014-08-14 14:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-14 14:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 19:48 - 2014-08-14 14:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 19:47 - 2014-08-14 14:43 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-17 10:34 - 2014-07-17 10:34 - 00002407 _____ () C:\Users\Public\Desktop\VMware vSphere Client.lnk
2014-07-17 10:34 - 2014-07-17 10:34 - 00002407 _____ () C:\ProgramData\Desktop\VMware vSphere Client.lnk
2014-07-17 10:34 - 2014-06-27 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-07-17 10:31 - 2014-07-17 10:31 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-07-16 04:47 - 2014-08-14 14:43 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-16 04:46 - 2014-08-14 14:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-16 03:47 - 2014-08-14 14:43 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-07 08:29

==================== End Of Log ============================


DDÍÍÍÍÍK
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119428
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Díky za kontrolu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
vollf
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 15 srp 2014 10:30

Re: Díky za kontrolu

#3 Příspěvek od vollf »

Tak log tady. Promiň že tak pozdě, byl jsem teď pár dní mimo.

Kód: Vybrat vše

# AdwCleaner v3.307 - Report created 20/08/2014 at 09:28:00
# Updated 17/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : mfanta - JILKOVA-NTB
# Running from : D:\Instal\AntiVir portable\adwcleaner_3.307.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\fanta\AppData\Roaming\Mozilla\Firefox\Profiles\8xy3kgko.default\prefs.js ]


[ File : C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default\prefs.js ]


-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\mfanta\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3535 octets] - [15/08/2014 10:06:45]
AdwCleaner[R1].txt - [1288 octets] - [20/08/2014 09:26:25]
AdwCleaner[S0].txt - [3660 octets] - [15/08/2014 10:10:57]
AdwCleaner[S1].txt - [1211 octets] - [20/08/2014 09:28:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1271 octets] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119428
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Díky za kontrolu

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
vollf
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 15 srp 2014 10:30

Re: Díky za kontrolu

#5 Příspěvek od vollf »

Logfile of random's system information tool 1.10 (written by random/random)
Run by mfanta at 2014-08-22 08:41:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 33 GB (33%) free of 102 GB
Total RAM: 3241 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:42:01, on 22.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\PdaNet for Android\PdaNetPC.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe
C:\Program Files\Java\jre7\bin\jp2launcher.exe
D:\Instal\AntiVir portable\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\mfanta.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
O4 - HKLM\..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O15 - Trusted Zone: http://www.evropa2.cz
O16 - DPF: {7340F0E4-AEDA-47C6-8971-9DB314030BD7} (CAxH264Dec Class) - http://192.168.74.6/activex/decoder/h264_dec.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://192.168.140.6/activex/AMC.cab
O16 - DPF: {EA80AD01-A12C-4699-894C-5A87F929608A} (WebCamX Control) - http://88.103.127.198:8888/WebCamX.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pmu.local
O17 - HKLM\Software\..\Telephony: DomainName = pmu.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C695A7D-AEA8-426B-98FD-5FFBF6C692AB}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pmu.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pmu.local
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SEP - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll (file missing)
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 4b68701ac8b0fdf.exe - Unknown owner - C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: 8bfc24a7a4df867.exe - Unknown owner - C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DriverRegisterRepository.exe - Unknown owner - C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Services\IPT\jhi_service.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMotionSyntax.exe - Unknown owner - C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe (file missing)
O23 - Service: MagikSrv - ADVANteach s.r.o. - C:\Program files\MagikSrv\MagikSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files\O2 Internet\UpdateDog\ouc.exe
O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\system32\srvany.exe (file missing)
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

--
End of file - 14516 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\restart_new.job - \\servermu\Public\9MU_IT\restart.bat

=========Mozilla firefox=========

ProfilePath - C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "file:///D:/Stranka_nemazat/katacz.htm"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=5.1.0.00000]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=5.5.0.00000]
"Description"=VMware VMRC Browser Plugin
"Path"=C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nplansweepershellexec.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default\extensions\
lansweeperplugin@lansweeper.com
LogMeInClient@logmein.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL [2011-09-17 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-15 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-05 501104]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2011-01-25 536668]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-28 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-28 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-28 176408]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2011-01-15 5955072]
"FreeFallProtection"=C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-04-22 686704]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-03-12 462993]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2010-04-29 50472]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-06-23 3816272]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-05-26 152392]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
""= []
"DellSystemDetect"=C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [2014-05-23 254976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2012-02-20 1666560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\mfanta\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
C:\Windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2013-11-28 6144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

C:\Users\mfanta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Android\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 293888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SEP]
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRecentDocsNetHood"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-20 08:54:59 ----A---- C:\Windows\system32\urlmon.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-20 08:54:59 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-20 08:54:59 ----A---- C:\Windows\system32\iernonce.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-20 08:54:59 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\vbscript.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\msrating.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\iesetup.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-20 08:54:57 ----A---- C:\Windows\system32\wininet.dll
2014-08-20 08:54:57 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-20 08:54:57 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-20 08:54:56 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-20 08:54:56 ----A---- C:\Windows\system32\ieui.dll
2014-08-20 08:54:56 ----A---- C:\Windows\system32\ieframe.dll
2014-08-20 08:54:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-20 08:54:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-20 08:54:55 ----A---- C:\Windows\system32\iertutil.dll
2014-08-20 08:54:54 ----A---- C:\Windows\system32\mshtml.dll
2014-08-20 08:54:54 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-20 08:54:54 ----A---- C:\Windows\system32\jscript9.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\wextract.exe
2014-08-19 06:19:02 ----A---- C:\Windows\system32\webcheck.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\url.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-19 06:19:02 ----A---- C:\Windows\system32\occache.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\msls31.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\licmgr10.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\jsIntl.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\inseng.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\iexpress.exe
2014-08-19 06:19:02 ----A---- C:\Windows\system32\ieapfltr.dat
2014-08-19 06:19:02 ----A---- C:\Windows\system32\icardie.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\elshyph.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-08-19 06:19:01 ----A---- C:\Windows\system32\pngfilt.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\mshtmler.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\mshta.exe
2014-08-19 06:19:01 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-19 06:19:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\jscript.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\imgutil.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\iesysprep.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\iepeers.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-08-15 11:59:12 ----D---- C:\Avenger
2014-08-15 11:59:12 ----A---- C:\avenger.txt
2014-08-15 11:26:33 ----D---- C:\FRST
2014-08-15 11:15:01 ----SHD---- C:\$RECYCLE.BIN
2014-08-15 11:11:58 ----A---- C:\Windows\zoek-delete.exe
2014-08-15 11:11:55 ----D---- C:\Windows\Temp
2014-08-15 10:19:27 ----D---- C:\zoek_backup
2014-08-15 10:07:36 ----A---- C:\Windows\system32\sqlite3.dll
2014-08-15 10:06:24 ----D---- C:\AdwCleaner
2014-08-15 09:51:15 ----D---- C:\Windows\ERUNT
2014-08-15 09:43:14 ----D---- C:\Program Files\trend micro
2014-08-15 09:43:13 ----D---- C:\rsit
2014-08-15 09:08:20 ----D---- C:\Users\mfanta\AppData\Roaming\Oracle
2014-08-15 09:07:24 ----D---- C:\Program Files\Common Files\Java
2014-08-15 09:07:06 ----A---- C:\Windows\system32\javaws.exe
2014-08-15 09:06:55 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-15 09:06:55 ----A---- C:\Windows\system32\javaw.exe
2014-08-15 09:06:55 ----A---- C:\Windows\system32\java.exe
2014-08-15 08:26:48 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-15 08:26:48 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-15 08:26:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-08-15 08:23:30 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 08:23:26 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 08:23:23 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 08:23:22 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 14:43:42 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 14:43:41 ----A---- C:\Windows\system32\win32k.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 14:43:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\cdd.dll
2014-08-14 14:43:40 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\msi.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\consent.exe
2014-08-14 14:43:34 ----A---- C:\Windows\system32\authui.dll
2014-08-14 14:42:52 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-12 09:23:12 ----D---- C:\Windows\pss
2014-08-12 09:05:17 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-12 09:04:39 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wups2.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wucltux.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wups.dll
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wudriver.dll
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wuapi.dll
2014-08-01 10:53:27 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-01 10:53:27 ----A---- C:\Windows\system32\wuapp.exe
2014-07-30 09:40:33 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-08-22 08:24:30 ----D---- C:\Windows\system32\config
2014-08-22 08:11:29 ----A---- C:\Windows\system32\log.txt
2014-08-22 08:06:38 ----SHD---- C:\System Volume Information
2014-08-21 11:48:56 ----D---- C:\Windows\Prefetch
2014-08-20 14:26:36 ----D---- C:\Users\mfanta\AppData\Roaming\VMware
2014-08-20 12:00:52 ----D---- C:\Windows\rescache
2014-08-20 09:32:58 ----D---- C:\Windows\winsxs
2014-08-20 09:28:24 ----D---- C:\Windows\system32\cs-CZ
2014-08-20 09:28:24 ----D---- C:\Windows\PolicyDefinitions
2014-08-20 09:28:23 ----D---- C:\Windows\system32\en-US
2014-08-20 09:28:23 ----D---- C:\Windows\System32
2014-08-20 09:28:22 ----D---- C:\Program Files\Internet Explorer
2014-08-20 08:56:22 ----D---- C:\Windows\system32\catroot
2014-08-20 08:56:21 ----D---- C:\Windows\system32\catroot2
2014-08-19 09:49:08 ----D---- C:\Windows\inf
2014-08-19 09:49:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-19 08:40:40 ----D---- C:\Users\mfanta\AppData\Roaming\Download Manager
2014-08-19 06:27:55 ----D---- C:\Windows\panther
2014-08-19 06:23:24 ----D---- C:\Windows\system32\migration
2014-08-19 06:21:35 ----D---- C:\Windows\Logs
2014-08-19 06:17:01 ----D---- C:\Windows
2014-08-15 13:45:13 ----D---- C:\Windows\Microsoft.NET
2014-08-15 13:40:53 ----RD---- C:\Users
2014-08-15 13:04:49 ----RSD---- C:\Windows\assembly
2014-08-15 11:59:12 ----D---- C:\Windows\system32\drivers
2014-08-15 11:03:16 ----RD---- C:\Program Files
2014-08-15 11:03:16 ----HD---- C:\ProgramData
2014-08-15 11:03:16 ----D---- C:\Windows\system32\Tasks
2014-08-15 10:25:06 ----D---- C:\Windows\system32\drivers\etc
2014-08-15 09:07:38 ----D---- C:\ProgramData\Oracle
2014-08-15 09:07:24 ----SHD---- C:\Windows\Installer
2014-08-15 09:07:24 ----D---- C:\Program Files\Common Files
2014-08-15 08:58:32 ----D---- C:\Windows\ehome
2014-08-15 08:58:22 ----RSD---- C:\Windows\Fonts
2014-08-15 08:29:46 ----D---- C:\ProgramData\Microsoft Help
2014-08-12 15:29:40 ----D---- C:\Windows\Tasks
2014-08-12 09:05:36 ----D---- C:\ProgramData\Malwarebytes
2014-08-01 10:46:18 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-07-25 15:53:50 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-25 12:45:30 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 17648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMDS.SYS [2011-07-16 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMEFA.SYS [2011-08-27 758904]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20140801.011\BHDrvx86.sys [2014-05-10 1101616]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-06-12 377648]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20140819.001\IDSvix86.sys [2014-05-13 395992]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2008-03-17 19584]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSP.SYS [2011-09-27 522872]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSPX.SYS [2011-09-27 31864]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\Ironx86.SYS [2011-09-13 137336]
R1 SYMNETS;Symantec Network Security WFP Driver; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMNETS.SYS [2011-09-08 299640]
R1 SysPlant;SysPlant for NT; C:\Windows\system32\Drivers\SysPlant.sys [2012-05-29 90032]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2008-06-19 306299]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-08-17 41936]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-04-18 36600]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 43888]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-04-05 295032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2011-02-08 349736]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-01-15 18496]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-01-15 4248128]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 144576]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-03-29 125328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-06-12 109872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-01-23 77696]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-06-10 10788352]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140819.033\NAVENG.SYS [2014-07-01 93272]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140819.033\NAVEX15.SYS [2014-07-01 1612376]
R3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\DRIVERS\O2MDRw7.sys [2011-01-05 62440]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7.sys [2011-03-23 63976]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-07-19 13312]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2011-01-25 435200]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2012-05-29 127096]
S0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BIFLAK;BIFLAK; \??\C:\PcScan\biflak.sys []
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys [2010-09-03 88064]
S3 bmdrvr;Modified Clusters Tracking Driver; C:\Windows\system32\drivers\bmdrvr.sys [2013-08-28 54992]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-09-02 302120]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-09-02 93224]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2011-09-02 114728]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-02 33832]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-02 18728]
S3 CtAudDrv;Provides advanced audio effects for audio devices.; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-02 57800]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-02 72520]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2010-10-08 25856]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2013-01-25 97408]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2013-01-23 27776]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2013-02-17 207360]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-01-23 199296]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 132480]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-12-30 94336]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7.sys [2011-01-04 60904]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RegFltrX86;RegFltrX86; \??\C:\Users\mfanta\AppData\Local\DriverRegisterRepository\RegFltrX86.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SyDvCtrl;SyDvCtrl; \??\C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SyDvCtrl32.sys [2011-10-30 23984]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-07-01 26624]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2011-08-19 26112]
S3 testousbser;testousbser; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2012-05-30 23600]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 127488]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-02-08 660768]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-06-19 1528608]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 375056]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-04 325656]
R2 MSSQL$SQLEXP_VIM;SQL Server (SQLEXP_VIM); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 MSSQL$SQLLANSWEEPER2K8;SQL Server (SQLLANSWEEPER2K8); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2010-02-11 72296]
R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe [2011-09-20 137224]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 47616]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 97624]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-25 274514]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 553288]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe [2011-10-30 1667328]
S2 4b68701ac8b0fdf.exe;4b68701ac8b0fdf.exe; C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe []
S2 8bfc24a7a4df867.exe;8bfc24a7a4df867.exe; C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DriverRegisterRepository.exe;DriverRegisterRepository.exe; C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-08 136176]
S2 LogMotionSyntax.exe;LogMotionSyntax.exe; C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe []
S2 MagikSrv;MagikSrv; C:\Program files\MagikSrv\MagikSrv.exe [2011-11-06 193112]
S2 MSSQL$MAGIKINFO;SQL Server (MAGIKINFO); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [2012-11-12 657504]
S2 O2SDIOAssist;O2SDIOAssist; c:\Windows\system32\srvany.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-08 136176]
S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-06-23 1889616]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe [2011-10-30 280496]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-09-19 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLAgent$SQLLANSWEEPER2K8;SQL Server Agent (SQLLANSWEEPER2K8); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119428
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Díky za kontrolu

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\mfanta\AppData\Local\Akamai

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]

:services
4b68701ac8b0fdf.exe;4b68701ac8b0fdf.exe
8bfc24a7a4df867.exe;8bfc24a7a4df867.exe

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
vollf
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 15 srp 2014 10:30

Re: Díky za kontrolu

#7 Příspěvek od vollf »

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by mfanta at 2014-08-31 21:45:50
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 33 GB (33%) free of 102 GB
Total RAM: 3241 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:59, on 31.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\notepad.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\PdaNet for Android\PdaNetPC.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
D:\Instal\AntiVir portable\RSIT.exe
C:\Program Files\trend micro\mfanta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
O1 - Hosts: ::1 localhost
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
O4 - HKLM\..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O15 - Trusted Zone: http://www.evropa2.cz
O16 - DPF: {7340F0E4-AEDA-47C6-8971-9DB314030BD7} (CAxH264Dec Class) - http://192.168.74.6/activex/decoder/h264_dec.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://192.168.140.6/activex/AMC.cab
O16 - DPF: {EA80AD01-A12C-4699-894C-5A87F929608A} (WebCamX Control) - http://88.103.127.198:8888/WebCamX.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pmu.local
O17 - HKLM\Software\..\Telephony: DomainName = pmu.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C695A7D-AEA8-426B-98FD-5FFBF6C692AB}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pmu.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pmu.local
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SEP - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll (file missing)
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 4b68701ac8b0fdf.exe - Unknown owner - C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: 8bfc24a7a4df867.exe - Unknown owner - C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DriverRegisterRepository.exe - Unknown owner - C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Services\IPT\jhi_service.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMotionSyntax.exe - Unknown owner - C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe (file missing)
O23 - Service: MagikSrv - ADVANteach s.r.o. - C:\Program files\MagikSrv\MagikSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files\O2 Internet\UpdateDog\ouc.exe
O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: O2SDIOAssist - Unknown owner - c:\Windows\system32\srvany.exe (file missing)
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) - VMware, Inc. - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

--
End of file - 14444 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\restart_new.job - \\servermu\Public\9MU_IT\restart.bat  

=========Mozilla firefox=========

ProfilePath - C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "file:///D:/Stranka_nemazat/katacz.htm"
prefs.js - "keyword.URL" -  "http://www.google.com/search?btnG=Google+Search&q="

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=5.1.0.00000]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@vmware.com/vmrc,version=5.5.0.00000]
"Description"=VMware VMRC Browser Plugin
"Path"=C:\Program Files\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nplansweepershellexec.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\mfanta\AppData\Roaming\Mozilla\Firefox\Profiles\a5dv3lo5.default\extensions\
lansweeperplugin@lansweeper.com
LogMeInClient@logmein.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL [2011-09-17 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-15 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-05 501104]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2011-01-25 536668]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-28 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-28 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-28 176408]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2011-01-15 5955072]
"FreeFallProtection"=C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-04-22 686704]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-03-12 462993]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2010-04-29 50472]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-06-23 3816272]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-05-26 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
""= []
"DellSystemDetect"=C:\Users\mfanta\AppData\Local\Apps\2.0\EV2EXYLL.JGO\H1592WJR.58E\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [2014-05-23 254976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2012-02-20 1666560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

C:\Users\mfanta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Android\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 293888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SEP]
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRecentDocsNetHood"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-20 08:54:59 ----A---- C:\Windows\system32\urlmon.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-20 08:54:59 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-20 08:54:59 ----A---- C:\Windows\system32\iernonce.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-20 08:54:59 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-20 08:54:59 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\vbscript.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\msrating.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\iesetup.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-20 08:54:58 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-20 08:54:57 ----A---- C:\Windows\system32\wininet.dll
2014-08-20 08:54:57 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-20 08:54:57 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-20 08:54:56 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-20 08:54:56 ----A---- C:\Windows\system32\ieui.dll
2014-08-20 08:54:56 ----A---- C:\Windows\system32\ieframe.dll
2014-08-20 08:54:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-20 08:54:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-20 08:54:55 ----A---- C:\Windows\system32\iertutil.dll
2014-08-20 08:54:54 ----A---- C:\Windows\system32\mshtml.dll
2014-08-20 08:54:54 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-20 08:54:54 ----A---- C:\Windows\system32\jscript9.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\wextract.exe
2014-08-19 06:19:02 ----A---- C:\Windows\system32\webcheck.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\url.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-19 06:19:02 ----A---- C:\Windows\system32\occache.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\msls31.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\licmgr10.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\jsIntl.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\inseng.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\iexpress.exe
2014-08-19 06:19:02 ----A---- C:\Windows\system32\ieapfltr.dat
2014-08-19 06:19:02 ----A---- C:\Windows\system32\icardie.dll
2014-08-19 06:19:02 ----A---- C:\Windows\system32\elshyph.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-08-19 06:19:01 ----A---- C:\Windows\system32\pngfilt.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\mshtmler.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\mshta.exe
2014-08-19 06:19:01 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-19 06:19:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\jscript.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\imgutil.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\iesysprep.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\iepeers.dll
2014-08-19 06:19:01 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-08-15 11:59:12 ----D---- C:\Avenger
2014-08-15 11:59:12 ----A---- C:\avenger.txt
2014-08-15 11:26:33 ----D---- C:\FRST
2014-08-15 11:15:01 ----SHD---- C:\$RECYCLE.BIN
2014-08-15 11:11:58 ----A---- C:\Windows\zoek-delete.exe
2014-08-15 11:11:55 ----D---- C:\Windows\Temp
2014-08-15 10:19:27 ----D---- C:\zoek_backup
2014-08-15 10:07:36 ----A---- C:\Windows\system32\sqlite3.dll
2014-08-15 10:06:24 ----D---- C:\AdwCleaner
2014-08-15 09:51:15 ----D---- C:\Windows\ERUNT
2014-08-15 09:43:14 ----D---- C:\Program Files\trend micro
2014-08-15 09:43:13 ----D---- C:\rsit
2014-08-15 09:08:20 ----D---- C:\Users\mfanta\AppData\Roaming\Oracle
2014-08-15 09:07:24 ----D---- C:\Program Files\Common Files\Java
2014-08-15 09:07:06 ----A---- C:\Windows\system32\javaws.exe
2014-08-15 09:06:55 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-15 09:06:55 ----A---- C:\Windows\system32\javaw.exe
2014-08-15 09:06:55 ----A---- C:\Windows\system32\java.exe
2014-08-15 08:26:48 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-15 08:26:48 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-15 08:26:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-08-15 08:23:30 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 08:23:26 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 08:23:23 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 08:23:22 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 14:43:42 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 14:43:41 ----A---- C:\Windows\system32\win32k.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 14:43:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 14:43:41 ----A---- C:\Windows\system32\cdd.dll
2014-08-14 14:43:40 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\msi.dll
2014-08-14 14:43:34 ----A---- C:\Windows\system32\consent.exe
2014-08-14 14:43:34 ----A---- C:\Windows\system32\authui.dll
2014-08-14 14:42:52 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 14:42:49 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-12 09:23:12 ----D---- C:\Windows\pss
2014-08-12 09:05:17 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-12 09:04:39 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wups2.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wucltux.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-01 10:53:59 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wups.dll
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wudriver.dll
2014-08-01 10:53:41 ----A---- C:\Windows\system32\wuapi.dll
2014-08-01 10:53:27 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-01 10:53:27 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-08-31 21:45:59 ----D---- C:\Windows\Prefetch
2014-08-31 21:44:12 ----A---- C:\Windows\system32\log.txt
2014-08-31 21:39:37 ----SHD---- C:\System Volume Information
2014-08-31 21:38:55 ----D---- C:\Windows\system32\config
2014-08-31 21:37:39 ----D---- C:\Windows
2014-08-31 21:36:33 ----D---- C:\Windows\Tasks
2014-08-31 21:36:33 ----D---- C:\Windows\system32\Tasks
2014-08-31 21:06:27 ----D---- C:\Windows\System32
2014-08-31 21:06:27 ----D---- C:\Windows\inf
2014-08-31 21:06:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:59:00 ----D---- C:\Windows\system32\catroot2
2014-08-22 08:58:21 ----D---- C:\Users\mfanta\AppData\Roaming\VMware
2014-08-20 12:00:52 ----D---- C:\Windows\rescache
2014-08-20 09:32:58 ----D---- C:\Windows\winsxs
2014-08-20 09:28:24 ----D---- C:\Windows\system32\cs-CZ
2014-08-20 09:28:24 ----D---- C:\Windows\PolicyDefinitions
2014-08-20 09:28:23 ----D---- C:\Windows\system32\en-US
2014-08-20 09:28:22 ----D---- C:\Program Files\Internet Explorer
2014-08-20 08:56:22 ----D---- C:\Windows\system32\catroot
2014-08-19 08:40:40 ----D---- C:\Users\mfanta\AppData\Roaming\Download Manager
2014-08-19 06:27:55 ----D---- C:\Windows\panther
2014-08-19 06:23:24 ----D---- C:\Windows\system32\migration
2014-08-19 06:21:35 ----D---- C:\Windows\Logs
2014-08-15 13:45:13 ----D---- C:\Windows\Microsoft.NET
2014-08-15 13:40:53 ----RD---- C:\Users
2014-08-15 13:04:49 ----RSD---- C:\Windows\assembly
2014-08-15 11:59:12 ----D---- C:\Windows\system32\drivers
2014-08-15 11:03:16 ----RD---- C:\Program Files
2014-08-15 11:03:16 ----HD---- C:\ProgramData
2014-08-15 10:25:06 ----D---- C:\Windows\system32\drivers\etc
2014-08-15 09:07:38 ----D---- C:\ProgramData\Oracle
2014-08-15 09:07:24 ----SHD---- C:\Windows\Installer
2014-08-15 09:07:24 ----D---- C:\Program Files\Common Files
2014-08-15 08:58:32 ----D---- C:\Windows\ehome
2014-08-15 08:58:22 ----RSD---- C:\Windows\Fonts
2014-08-15 08:29:46 ----D---- C:\ProgramData\Microsoft Help
2014-08-12 09:05:36 ----D---- C:\ProgramData\Malwarebytes
2014-08-01 10:46:18 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 17648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMDS.SYS [2011-07-16 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMEFA.SYS [2011-08-27 758904]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20140801.011\BHDrvx86.sys [2014-05-10 1101616]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-06-12 377648]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20140821.001\IDSvix86.sys [2014-05-13 395992]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2008-03-17 19584]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSP.SYS [2011-09-27 522872]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSPX.SYS [2011-09-27 31864]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\Ironx86.SYS [2011-09-13 137336]
R1 SYMNETS;Symantec Network Security WFP Driver; C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMNETS.SYS [2011-09-08 299640]
R1 SysPlant;SysPlant for NT; C:\Windows\system32\Drivers\SysPlant.sys [2012-05-29 90032]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2008-06-19 306299]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-08-17 41936]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-04-18 36600]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 43888]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-04-05 295032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2011-02-08 349736]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-01-15 18496]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-01-15 4248128]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-09-02 302120]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-09-02 93224]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2011-09-02 114728]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-02 33832]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-09-02 18728]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 144576]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-03-29 125328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-06-12 109872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-01-23 77696]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-06-10 10788352]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140821.022\NAVENG.SYS [2014-08-22 95704]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20140821.022\NAVEX15.SYS [2014-08-22 1636696]
R3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\DRIVERS\O2MDRw7.sys [2011-01-05 62440]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7.sys [2011-03-23 63976]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-07-19 13312]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2011-01-25 435200]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2012-05-29 127096]
S0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BIFLAK;BIFLAK; \??\C:\PcScan\biflak.sys []
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys [2010-09-03 88064]
S3 bmdrvr;Modified Clusters Tracking Driver; C:\Windows\system32\drivers\bmdrvr.sys [2013-08-28 54992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 CtAudDrv;Provides advanced audio effects for audio devices.; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 95232]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 11904]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-02 57800]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-02 72520]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2010-10-08 25856]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2013-01-25 97408]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2013-01-23 27776]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2013-02-17 207360]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-01-23 199296]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 132480]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-12-30 94336]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7.sys [2011-01-04 60904]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RegFltrX86;RegFltrX86; \??\C:\Users\mfanta\AppData\Local\DriverRegisterRepository\RegFltrX86.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 SyDvCtrl;SyDvCtrl; \??\C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SyDvCtrl32.sys [2011-10-30 23984]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-07-01 26624]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2011-08-19 26112]
S3 testousbser;testousbser; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2012-05-30 23600]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-06-29 127488]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-02-08 660768]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-06-19 1528608]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 375056]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-04 325656]
R2 MSSQL$SQLEXP_VIM;SQL Server (SQLEXP_VIM); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 MSSQL$SQLLANSWEEPER2K8;SQL Server (SQLLANSWEEPER2K8); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2010-02-11 72296]
R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe [2011-09-20 137224]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 47616]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 97624]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-25 274514]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 553288]
R3 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe [2011-10-30 1667328]
S2 4b68701ac8b0fdf.exe;4b68701ac8b0fdf.exe; C:\Users\pjilkova\AppData\Local\ba2dfbae47fa6de193fd14ab536de8f4\4b68701ac8b0fdf.exe []
S2 8bfc24a7a4df867.exe;8bfc24a7a4df867.exe; C:\Users\pjilkova\AppData\Local\362f8d3c6858f265b69ae053f3d966a1\8bfc24a7a4df867.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DriverRegisterRepository.exe;DriverRegisterRepository.exe; C:\Users\mfanta\AppData\Local\DriverRegisterRepository\DriverRegisterRepository.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-08 136176]
S2 LogMotionSyntax.exe;LogMotionSyntax.exe; C:\Users\mfanta\AppData\Local\LogMotionSyntax\LogMotionSyntax.exe []
S2 MagikSrv;MagikSrv; C:\Program files\MagikSrv\MagikSrv.exe [2011-11-06 193112]
S2 MSSQL$MAGIKINFO;SQL Server (MAGIKINFO); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Program Files\O2 Internet\UpdateDog\ouc.exe [2012-11-12 657504]
S2 O2SDIOAssist;O2SDIOAssist; c:\Windows\system32\srvany.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-08 136176]
S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-06-23 1889616]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe [2011-10-30 280496]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-09-19 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLAgent$SQLLANSWEEPER2K8;SQL Server Agent (SQLLANSWEEPER2K8); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119428
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Díky za kontrolu

#8 Příspěvek od Rudy »

Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
vollf
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 15 srp 2014 10:30

Re: Díky za kontrolu

#9 Příspěvek od vollf »

Notebook se chová standardně a reklamy v prohlížečích se už neobjevují.

Těžko říct, jak dlouho tento stav vydrží. Již několikrát se mi podařilo různými utilitami reklam zbavit, ale cca. po 2 týdnech se objevily znovu.

Každopádně díky.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119428
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Díky za kontrolu

#10 Příspěvek od Rudy »

Asi navštěvujete weby, z kterých si je natáhnete. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“