Prosím o preventivní kontrolu logu Hijack This

[danny12]

Poslední týdny mi nějak zpomaluje internet. Při "normálním" projíždění se náhle sekne a poměrně dlouze načítá běžné stránky typu iDnes. Totéž se /opakovaně/děje i při prohlížení filmu třeba na webu ČT/ a to jak v pc,tak i tv/. Jako jednu z prvních prevencí prosím o kontrolu logu z Hijak This.
Předem děkuji.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:06, on 14.9.2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9270 bytes

[Roli]

Zdravím, raději poprosím o log.txt z Rsit protože je podrobnější.

[danny12]

Dobrý den, děkuji za reakci, zde je Vámi požadovaný log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by DanRad at 2014-09-14 19:05:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 72 GB (48%) free of 150 GB
Total RAM: 8175 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:05:35, on 14.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
C:\Program Files\trend micro\DanRad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8969 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\SysWOW64\bgsvcgen.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2088
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"taskhost.exe"
\??\C:\Windows\system32\conhost.exe "-1351919017-1580203867-760789245-168660342521457066891317575381-342625840-2082072276
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe" /c /a /s UserSession
"C:\Program Files\Rainlendar2\Rainlendar2.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

C:\Windows\system32\wbem\wmiprvse.exe
"D:\Downloady\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\Windows\tasks\Wise Turbo Checker.job - D:\Downloady\1.Programy\ProgrPortabl\WC365Portable\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\sqk0z60r.default-1376704353856

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll


C:\Users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\sqk0z60r.default-1376704353856\extensions\
cs@dictionaries.addons.mozilla.org
foxmarks@kei.com
support@lastpass.com
{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\sqk0z60r.default-1376704353856\searchplugins\
hellspy.xml
sfd.xml
ulozto.xml
vyhledvn-vide-ve-slub-youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll [2014-07-31 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll [2014-07-31 654688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL [2014-07-23 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll [2014-07-31 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll [2014-07-31 654688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2012-12-29 4359680]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GMouse]
C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE [2011-11-08 667648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-03-22 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13662936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link]
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-08-13 596320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2014-05-29 784392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
C:\Users\DanRad\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2013-08-17 257136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Color Calibration.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^DanRad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verbatim GREEN BUTTON.lnk]
C:\PROGRA~2\Verbatim\GREENB~1\GREENB~1.EXE [2012-10-24 508176]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-09-14 19:05:27 ----D---- C:\rsit
2014-09-14 19:05:27 ----D---- C:\Program Files\trend micro
2014-09-12 22:00:41 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-10 08:29:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-10 08:29:19 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 08:29:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-10 08:29:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-10 08:29:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 08:29:18 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 08:29:18 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-10 08:29:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 08:29:17 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 08:29:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-10 08:29:16 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-10 08:29:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-10 08:29:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 08:29:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 08:29:16 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 08:29:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 08:29:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 08:29:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 08:29:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-10 08:29:15 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 08:29:15 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 08:29:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-10 08:29:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-10 08:29:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-10 08:29:14 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 08:29:14 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 08:29:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-10 08:29:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-10 08:29:13 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 08:24:52 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-10 08:24:52 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 08:24:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-10 08:24:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 08:24:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 08:24:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 08:24:07 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 08:23:58 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-10 08:23:58 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-10 08:23:44 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-10 08:23:44 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-10 08:21:51 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 08:21:48 ----A---- C:\Windows\system32\aeinv.dll
2014-09-04 20:51:30 ----D---- C:\Users\DanRad\AppData\Roaming\XnSketch
2014-08-31 19:47:40 ----D---- C:\Program Files\Samsung
2014-08-28 20:58:12 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 20:58:12 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 20:58:12 ----A---- C:\Windows\system32\gdi32.dll
2014-08-27 12:06:17 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-08-22 09:43:58 ----D---- C:\NVIDIA Corporation
2014-08-21 20:53:33 ----D---- C:\AdwCleaner
2014-08-19 17:43:13 ----D---- C:\Users\DanRad\AppData\Roaming\Skype
2014-08-19 17:43:02 ----RD---- C:\Program Files (x86)\Skype
2014-08-19 17:42:53 ----D---- C:\ProgramData\Skype
2014-08-17 15:08:07 ----D---- C:\Users\DanRad\AppData\Roaming\uTorrent
2014-08-15 16:37:47 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-15 16:37:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-15 16:37:41 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-15 16:37:41 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2014-09-14 19:05:27 ----RAD---- C:\Program Files
2014-09-14 18:23:19 ----D---- C:\Windows\system32\config
2014-09-14 18:12:05 ----D---- C:\Windows\temp
2014-09-14 18:10:02 ----SHD---- C:\System Volume Information
2014-09-14 18:09:40 ----D---- C:\ProgramData\NVIDIA
2014-09-14 18:09:28 ----D---- C:\Windows\system32\drivers
2014-09-14 18:09:28 ----D---- C:\Windows\system
2014-09-14 14:09:49 ----D---- C:\Windows
2014-09-13 20:27:11 ----RD---- C:\Program Files (x86)
2014-09-13 11:08:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-11 17:05:24 ----D---- C:\ProgramData\CanonIJPLM
2014-09-11 11:31:48 ----D---- C:\Windows\inf
2014-09-11 11:31:42 ----D---- C:\Windows\debug
2014-09-10 10:03:43 ----D---- C:\Windows\rescache
2014-09-10 09:31:28 ----D---- C:\Windows\Microsoft.NET
2014-09-10 09:29:52 ----RSD---- C:\Windows\assembly
2014-09-10 09:06:01 ----D---- C:\Windows\winsxs
2014-09-10 09:04:15 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-10 09:04:15 ----D---- C:\Windows\SysWOW64
2014-09-10 09:04:15 ----D---- C:\Windows\system32\en-US
2014-09-10 09:04:15 ----D---- C:\Windows\System32
2014-09-10 09:04:15 ----D---- C:\Program Files\Internet Explorer
2014-09-10 09:04:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-10 08:58:19 ----D---- C:\Users\DanRad\AppData\Roaming\KeePass
2014-09-10 08:32:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-10 08:31:01 ----SHD---- C:\Windows\Installer
2014-09-10 08:29:32 ----D---- C:\Windows\system32\catroot2
2014-09-10 08:29:32 ----D---- C:\Windows\system32\catroot
2014-09-10 08:27:50 ----D---- C:\Windows\system32\MRT
2014-09-10 08:25:22 ----A---- C:\Windows\system32\MRT.exe
2014-09-10 08:24:42 ----SD---- C:\Windows\system32\CompatTel
2014-09-08 09:44:00 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2014-09-08 08:11:45 ----D---- C:\Windows\system32\Tasks
2014-09-07 10:24:25 ----A---- C:\Windows\Sandboxie.ini
2014-09-01 15:55:59 ----D---- C:\Windows\system32\drivers\NISx64
2014-08-30 17:53:41 ----D---- C:\Program Files (x86)\Calibre2
2014-08-28 21:01:04 ----AD---- C:\ProgramData\TEMP
2014-08-28 21:00:52 ----D---- C:\Users\DanRad\AppData\Roaming\Mp3tag
2014-08-28 21:00:02 ----D---- C:\Program Files (x86)\Mp3tag
2014-08-27 13:51:12 ----D---- C:\Program Files\CCleaner
2014-08-23 12:08:54 ----D---- C:\Program Files (x86)\SpeedFan
2014-08-21 22:06:15 ----D---- C:\Users\DanRad\AppData\Roaming\DAEMON Tools Lite
2014-08-21 21:37:02 ----D---- C:\Users\DanRad\AppData\Roaming\vlc
2014-08-19 17:43:02 ----D---- C:\Program Files (x86)\Common Files
2014-08-19 17:42:53 ----D---- C:\ProgramData
2014-08-18 16:30:13 ----D---- C:\Program Files (x86)\Aiseesoft Studio
2014-08-18 16:30:12 ----D---- C:\ProgramData\Aiseesoft Studio
2014-08-15 16:37:51 ----D---- C:\ProgramData\Oracle

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-03-22 678384]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-03-22 28656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1505000.013\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1505000.013\SYMEFA64.SYS [2014-03-04 1148120]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [2014-08-19 1588016]
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [2013-09-26 162392]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-15 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-09 487216]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140912.001\IDSvia64.sys [2014-08-30 633560]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2013-09-10 78936]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [2014-02-18 593112]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-06-08 230864]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-09 142640]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2000-01-01 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2000-01-01 88832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 3707864]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140912.023\ENG64.SYS [2014-08-21 129752]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140912.023\EX64.SYS [2014-08-21 2137304]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [2014-02-13 875736]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-11-17 177752]
S1 SASDIFSV;SASDIFSV; \??\C:\Users\DanRad\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV64.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Users\DanRad\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL64.SYS []
S3 7ByteIo;7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver; C:\Windows\system32\drivers\DigiartyVirtualCDBus.sys [2014-08-02 276256]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-06-17 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-06-17 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2014-05-29 185352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\SysWOW64\bgsvcgen.exe [2007-06-15 145504]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-31 368600]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [2014-07-31 276376]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-08-13 604512]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [2014-02-23 186760]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe [2014-04-08 29912]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-12 114288]
S3 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2014-05-29 174088]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-08 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Roli]

V první řadě restartuj modem (na minutku ho odpoj z elektřiny).


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[danny12]

Dobrý den, zde jsou logy:

# AdwCleaner v3.310 - Report created 16/09/2014 at 19:09:04
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : DanRad - DANRAD-PC
# Running from : D:\Downloady\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.1 (x86 cs)

[ File : C:\Users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\sqk0z60r.default-1376704353856\prefs.js ]


*************************

AdwCleaner[R0].txt - [1210 octets] - [21/08/2014 20:53:37]
AdwCleaner[R1].txt - [1029 octets] - [16/09/2014 19:08:19]
AdwCleaner[S0].txt - [1279 octets] - [21/08/2014 20:55:26]
AdwCleaner[S1].txt - [954 octets] - [16/09/2014 19:09:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1013 octets] ##########


Combo Fix:

ComboFix 14-09-16.01 - DanRad 16.09.2014 19:18:22.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6231 [GMT 2:00]
Spuštěný z: d:\downloady\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\TEMP\sqlite-3.7.151-amd64-sqlitejdbc.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-16 do 2014-09-16 )))))))))))))))))))))))))))))))
.
.
2014-09-16 17:22 . 2014-09-16 17:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-09-16 17:22 . 2014-09-16 17:22 -------- d-----w- c:\users\kshr\AppData\Local\temp
2014-09-16 17:22 . 2014-09-16 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-14 17:05 . 2014-09-14 17:05 -------- d-----w- C:\rsit
2014-09-14 17:05 . 2014-09-14 17:05 -------- d-----w- c:\program files\trend micro
2014-09-10 06:32 . 2014-09-10 06:32 -------- d-----w- c:\users\DanRad\AppData\Local\Adobe
2014-09-10 06:24 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 06:24 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 06:24 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 06:24 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 06:24 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-10 06:24 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-10 06:24 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-10 06:23 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-10 06:23 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 06:23 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 06:23 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-10 06:21 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-10 06:21 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-04 18:51 . 2014-09-04 18:54 -------- d-----w- c:\users\DanRad\AppData\Roaming\XnSketch
2014-08-31 17:47 . 2014-08-31 17:48 -------- d-----w- c:\program files\Samsung
2014-08-28 18:58 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 18:58 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 18:58 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-27 10:06 . 2014-08-27 10:06 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-08-27 10:06 . 2014-08-27 10:06 -------- d-----w- c:\users\DanRad\SystemRequirementsLab
2014-08-22 07:43 . 2014-08-22 07:43 -------- d-----w- C:\NVIDIA Corporation
2014-08-21 18:53 . 2014-09-16 17:09 -------- d-----w- C:\AdwCleaner
2014-08-19 15:43 . 2014-08-19 15:43 -------- d-----w- c:\users\DanRad\AppData\Local\Skype
2014-08-19 15:43 . 2014-08-23 17:08 -------- d-----w- c:\users\DanRad\AppData\Roaming\Skype
2014-08-19 15:43 . 2014-08-19 15:43 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-19 15:43 . 2014-08-19 15:43 -------- d-----r- c:\program files (x86)\Skype
2014-08-19 15:42 . 2014-08-19 15:43 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-14 18:10 . 2014-07-06 17:34 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-10 06:32 . 2014-04-03 16:03 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 06:32 . 2014-04-03 16:03 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-10 06:25 . 2012-03-08 16:30 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-08 07:44 . 2013-07-31 08:29 6382 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-08-28 10:11 . 2012-07-17 13:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-15 14:37 . 2014-08-15 14:37 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-02 15:31 . 2013-04-14 13:58 276256 ----a-w- c:\windows\system32\drivers\DigiartyVirtualCDBus.sys
2014-07-25 13:50 . 2014-07-29 14:03 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2013-11-01 07:37 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-07-29 14:03 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2013-11-01 07:37 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-13 13:54 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 13:54 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-13 13:53 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 13:53 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-13 13:54 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-13 13:54 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-13 13:54 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-13 13:54 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-13 13:54 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-13 13:54 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-13 13:54 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-07-02 20:48 . 2014-07-29 15:19 944928 ----a-w- c:\windows\system32\NvIFR64.dll
2014-07-02 20:48 . 2014-07-29 15:19 907096 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-07-02 20:48 . 2014-07-29 15:19 903624 ----a-w- c:\windows\system32\NvFBC64.dll
2014-07-02 20:48 . 2014-07-29 15:19 869152 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-07-02 20:48 . 2014-07-29 15:19 846832 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-07-02 20:48 . 2014-07-29 15:19 4247000 ----a-w- c:\windows\system32\nvcuvid.dll
2014-07-02 20:48 . 2014-07-29 15:19 3989960 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-07-02 20:48 . 2014-07-29 15:19 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-07-02 20:48 . 2014-07-29 15:19 31512520 ----a-w- c:\windows\system32\nvoglv64.dll
2014-07-02 20:48 . 2014-07-29 15:19 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-07-02 20:48 . 2014-07-29 15:19 24196896 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-07-02 20:48 . 2014-07-29 15:19 22994208 ----a-w- c:\windows\system32\nvcompiler.dll
2014-07-02 20:48 . 2014-07-29 15:19 1890080 ----a-w- c:\windows\system32\nvdispco6434052.dll
2014-07-02 20:48 . 2014-07-29 15:19 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-07-02 20:48 . 2014-07-29 15:19 16122344 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2014-07-29 15:19 1539928 ----a-w- c:\windows\system32\nvdispgenco6434052.dll
2014-07-02 20:48 . 2014-07-29 15:19 15294296 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-07-02 20:48 . 2014-07-29 15:19 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-07-02 20:48 . 2014-07-29 15:19 13922752 ----a-w- c:\windows\system32\nvopencl.dll
2014-07-02 20:48 . 2014-07-29 15:19 13835208 ----a-w- c:\windows\system32\nvcuda.dll
2014-07-02 20:48 . 2014-07-29 15:19 12866008 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-07-02 20:48 . 2014-07-29 15:19 11283344 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-07-02 20:48 . 2014-07-29 15:19 11222048 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-07-02 20:48 . 2013-11-25 11:22 17555104 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-07-02 20:48 . 2013-07-27 17:20 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-07-02 20:48 . 2013-07-27 17:20 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2013-07-27 17:01 75040 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-02 20:48 . 2013-07-27 17:01 61912 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-07-02 20:48 . 2013-07-07 19:45 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2013-07-07 19:45 3196816 ----a-w- c:\windows\system32\nvapi64.dll
2014-07-02 20:48 . 2013-07-07 19:45 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-07-02 18:55 . 2013-07-27 16:50 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2013-07-27 16:50 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2013-07-27 16:50 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2013-07-27 16:50 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2013-07-27 16:50 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:55 . 2013-07-27 16:50 2559960 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-02 17:44 . 2014-07-29 15:22 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-07-02 10:14 . 2013-07-27 16:50 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-06-30 22:24 . 2014-08-13 13:55 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-13 13:55 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-13 13:53 14175744 ----a-w- c:\windows\system32\shell32.dll
2012-03-22 16:20 . 2012-03-22 16:20 10134560 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-17 12:50 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-17 12:50 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-17 12:50 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2012-12-29 4359680]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R1 SASDIFSV;SASDIFSV;c:\users\DanRad\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV64.SYS;c:\users\DanRad\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\DanRad\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL64.SYS;c:\users\DanRad\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL64.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
R3 Backupper Service;AOMEI Backupper Scheduler Service;c:\program files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe;c:\program files (x86)\AOMEI Backupper Professional Edition 2.0\ABService.exe [x]
R3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys;c:\windows\SYSNATIVE\drivers\DigiartyVirtualCDBus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 ambakdrv;ambakdrv;c:\windows\system32\ambakdrv.sys;c:\windows\SYSNATIVE\ambakdrv.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1505000.013\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1505000.013\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140915.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140915.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1505000.013\SYMNETS.SYS [x]
S2 ammntdrv;ammntdrv;c:\windows\system32\ammntdrv.sys;c:\windows\SYSNATIVE\ammntdrv.sys [x]
S2 amwrtdrv;amwrtdrv;c:\windows\system32\amwrtdrv.sys;c:\windows\SYSNATIVE\amwrtdrv.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-20 c:\windows\Tasks\Wise Turbo Checker.job
- d:\downloady\1.Programy\ProgrPortabl\WC365Portable\Wise Care 365\WiseTurbo.exe [2013-05-31 12:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-17 12:50 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-17 12:50 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-17 12:50 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\sqk0z60r.default-1376704353856\
FF - prefs.js: browser.search.selectedEngine - Uloz.to!
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - (no file)
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - (no file)
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - (no file)
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - (no file)
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - (no file)
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - (no file)
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - (no file)
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - (no file)
AddRemove-MiniTool Power Data Recovery_is1 - e:\powerdatarecovery6.8\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19;c:\program files (x86)\Norton Internet Security\Engine64\21.5.0.19"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2014-09-16 19:24:23
ComboFix-quarantined-files.txt 2014-09-16 17:24
.
Před spuštěním: Volných bajtů: 81 936 740 352
Po spuštění: Volných bajtů: 81 283 440 640
.
- - End Of File - - 290AAD7425E9DFBB94A7FFA2BBB9A004
A36C5E4F47E84449FF07ED3517B43A31

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC, respektive co ten net.