Hello,
The computer always freezes when installing software, during cleanup, etc. Even the RSIT scan was a problem: I had to start the PC and launch RSIT immediately, otherwise it would have frozen.
Please check the log.
In safe mode everything is OK.
info.txt logfile of random's system information tool 1.10 2015-06-25 19:16:15
======MBR======
======Uninstall list======
-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
-->MsiExec /X{B455E95A-B804-439F-B533-336B1635AE97}
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
AMD Accelerated Video Transcoding-->MsiExec.exe /X{29910AC9-FC1A-BB69-177D-8A78B11086AB}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{B0D0F0F0-CFBA-973B-7046-6AF505A78255} REBOOT=ReallySuppress
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Catalyst Control Center - Branding-->MsiExec.exe /I{25A3B953-1423-3F15-640E-B620DD0F419A}
Catalyst Control Center - Branding-->MsiExec.exe /I{C2A5755E-965A-4E6D-808D-A56FBBA6BE98}
Catalyst Control Center-->"C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe" -uninstall
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Curse of Mermos-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/352160
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
Cyberlink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\Setup.exe" /z-uninstall
Cyberlink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\Setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dota 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/570
Fotogaléria-->MsiExec.exe /X{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
Fotogalerie-->MsiExec.exe /X{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}
Gear Up-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/214420
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hewlett-Packard ACLM.NET v1.2.2.3-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP Connected Music (Meridian - installer)-->"C:\Program Files (x86)\HPConnectedMusic\Uninstall.exe"
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Postscript Converter-->MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
HP Quick Start-->MsiExec.exe /X{574F0207-8E98-46CD-8F79-318348C98C46}
HP Registration Service-->MsiExec.exe /X{D1E8F2D7-7794-4245-B286-87ED86C1893C}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe" -runfromtemp -l0x0409 -removeonly
HydraVision-->MsiExec.exe /X{EBEAE9C6-E289-CBCB-9308-99D0A46ACCCE}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Interstellar Marines-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/236370
Killing Floor - Toy Master-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/326960
Killing Floor 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/232090
Killing Floor-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1250
Left 4 Dead 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/550
Malwarebytes Anti-Malware verze 2.1.4.1018-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Movie Maker-->MsiExec.exe /X{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}
Movie Maker-->MsiExec.exe /X{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}
Movie Maker-->MsiExec.exe /X{A035950F-15BA-41C0-9D8F-165FC0536012}
Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
No More Room in Hell-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/224260
Norton Internet Security-->"C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.7.0.11\InstStub.exe" /X /ARP
NVIDIA PhysX-->MsiExec.exe /I{B455E95A-B804-439F-B533-336B1635AE97}
Orcs Must Die! 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/201790
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
Overlord Raising Hell version 12.0.0.58851-->"C:\Program Files (x86)\Codemasters\Overlord\unins000.exe"
Painkiller Hell & Damnation-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/214870
Path of Exile-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/238960
Photo Common-->MsiExec.exe /X{49110532-D289-4BFF-807C-45B782E66A7C}
Photo Common-->MsiExec.exe /X{C67BC332-A59A-4D40-977F-664F60AB21D8}
Photo Common-->MsiExec.exe /X{EB91007A-0110-42A6-B869-2709955A9B2A}
Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243}
Photo Gallery-->MsiExec.exe /X{63824BC0-B747-43F3-9863-1066D64AD919}
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Quake Live-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/282440
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly
Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
Source SDK Base 2007-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/218
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
Team Fortress 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440
Titan Quest: Immortal Throne-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/4550
Titan Quest-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/4540
Tom Clancy's Ghost Recon Phantoms - EU-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/272350
TP-LINK TL-WN721N_TL-WN722N Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}\setup.exe" -runfromtemp -l0x0009 -removeonly DriverOnly
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
Walkover-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/348700
Warface-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/291480
Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}
Windows Live Essentials-->MsiExec.exe /I{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}
Windows Live Essentials-->MsiExec.exe /I{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}
Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}
Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}
Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}
Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}
Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{56232E3D-7EA9-45E0-A371-26CD80510AF7}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E18F981B-401C-4D90-BC57-D8903564D558}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}
Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315}
======System event log======
Computer Name: PC-HP
Event Code: 6
Message: Filtr systému souborů eeCtrl (verze 6.1, 2015-05-15T04:23:14.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 59011
Source Name: Microsoft-Windows-FilterManager
Time Written: 20150625170658.356820-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: PC-HP
Event Code: 6
Message: Filtr systému souborů BHDrvx64 (verze 6.1, 2015-05-12T22:20:53.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 59010
Source Name: Microsoft-Windows-FilterManager
Time Written: 20150625170658.122442-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: PC-HP
Event Code: 6
Message: Filtr systému souborů SymEFA (verze 6.0, 2014-02-28T01:32:07.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 59009
Source Name: Microsoft-Windows-FilterManager
Time Written: 20150625170655.763066-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: PC-HP
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 59008
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150625170633.622435-000
Event Type: Informace
User: PC-HP\HP
Computer Name: PC-HP
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 59007
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150625170633.575561-000
Event Type: Informace
User: PC-HP\HP
=====Application event log=====
Computer Name: PC-HP
Event Code: 900
Message: Služba Ochrana softwaru se spouští.
Parametry:<none>
Record Number: 29764
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20150625170655.000000-000
Event Type: Informace
User:
Computer Name: PC-HP
Event Code: 35
Message: The 'NIS' service has started.
Record Number: 29763
Source Name: NIS
Time Written: 20150625170655.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: PC-HP
Event Code: 34
Message: The 'NIS' service is starting.
Record Number: 29762
Source Name: NIS
Time Written: 20150625170653.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: PC-HP
Event Code: 0
Message: Služba byla úspěšně spuštěna.
Record Number: 29761
Source Name: HP Support Assistant Service
Time Written: 20150625170653.000000-000
Event Type: Informace
User:
Computer Name: PC-HP
Event Code: 0
Message:
Record Number: 29760
Source Name: gupdate
Time Written: 20150625170651.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: PC-HP
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Typ přihlášení: 5
Úroveň zosobnění: Zosobnění
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x28c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 40333
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150625171047.233341-000
Event Type: Úspěšný audit
User:
Computer Name: PC-HP
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 40332
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150625170715.263075-000
Event Type: Úspěšný audit
User:
Computer Name: PC-HP
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC-HP$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7
Typ přihlášení: 5
Úroveň zosobnění: Zosobnění
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x28c
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 40331
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150625170715.263075-000
Event Type: Úspěšný audit
User:
Computer Name: PC-HP
Event Code: 6406
Message: Položka Norton Internet Security byla zaregistrována do brány Windows Firewall, aby řídila filtrování následujících položek:
BootTimeRuleCategory, StealthRuleCategory, FirewallRuleCategory.
Record Number: 40330
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150625170709.638073-000
Event Type: Úspěšný audit
User:
Computer Name: PC-HP
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-1694331133-1373063566-3514709734-1001
Název účtu: HP
Název domény: PC-HP
ID přihlášení: 0x14926
Record Number: 40329
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150625170633.559935-000
Event Type: Úspěšný audit
User:
======Environment variables======
"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=21
"PROCESSOR_IDENTIFIER"=AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=1001
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared
"OnlineServices"=Online Services
"Platform"=HPD
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
-----------------EOF-----------------

PC freezes
Re: PC freezes
Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2015-06-25 19:16:11
Microsoft Windows 8.1
System drive C: has 671 GB (71%) free of 938 GB
Total RAM: 8133 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:13, on 25. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files\trend micro\HP.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6202 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
taskeng.exe {E3130A6B-DE92-4C63-A702-3C15DAACC966}
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f573d967-7249-4fbc-8ac4-9ff3cf439861 -SystemEventPortName:HostProcess-d889ef96-1297-410b-9c25-4b26a9f4e862 -IoCancelEventPortName:HostProcess-c181cafc-6a07-41ac-87ee-096addc3acca -NonStateChangingEventPortName:HostProcess-5f5d211f-d6fc-488c-b430-5b6967af9472 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:386bb86e-d97c-41bf-9276-05610293caec -DeviceGroupId:WpdFsGroup
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\HP\Desktop\RSIT\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForHP.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12 931640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12 664376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05 392344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12 931640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12 664376]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-01-30 1702912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-25 19:15:33 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-25 19:13:01 ----D---- C:\rsit
2015-06-25 19:13:01 ----D---- C:\Program Files\trend micro
2015-06-25 19:07:39 ----A---- C:\TDSSKiller.3.0.0.16_25.06.2015_19.07.39_log.txt
2015-06-25 17:27:47 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-06-25 17:26:38 ----D---- C:\ProgramData\Malwarebytes
2015-06-25 17:26:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-25 17:26:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-06-25 17:26:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-06-25 17:26:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-06-25 17:22:45 ----D---- C:\Program Files\CCleaner
2015-06-25 16:48:30 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2015-06-25 16:48:29 ----D---- C:\ProgramData\RogueKiller
2015-06-25 16:46:14 ----A---- C:\WINDOWS\system32\drivers\athuw8x.sys
2015-06-25 16:46:14 ----A---- C:\WINDOWS\system32\athuw8x.sys
2015-06-25 16:44:59 ----D---- C:\ProgramData\TP-LINK
2015-06-23 07:09:39 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-06-23 07:09:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-06-11 15:35:32 ----D---- C:\Program Files\Common Files\AV
2015-06-10 16:48:23 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-10 16:48:23 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-10 16:48:21 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-06-10 16:48:21 ----A---- C:\WINDOWS\system32\localspl.dll
2015-06-10 16:48:20 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-06-10 16:48:20 ----A---- C:\WINDOWS\system32\compstui.dll
2015-06-10 16:48:18 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-06-10 16:48:18 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-06-10 16:48:17 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-06-10 16:48:17 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-06-10 16:48:16 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-06-10 16:48:08 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-06-10 16:48:08 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\tquery.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssph.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\authz.dll
2015-06-10 16:48:06 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-10 16:48:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-10 16:48:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-10 16:48:02 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-10 16:47:47 ----A---- C:\WINDOWS\system32\win32k.sys
2015-06-06 00:37:27 ----D---- C:\Spacekace
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-05 18:00:48 ----A---- C:\WINDOWS\system32\aepdu.dll
======List of files/folders modified in the last 1 month======
2015-06-25 19:15:57 ----D---- C:\WINDOWS\Temp
2015-06-25 19:15:43 ----D---- C:\Windows
2015-06-25 19:15:33 ----RD---- C:\WINDOWS\System32
2015-06-25 19:15:05 ----D---- C:\WINDOWS\Prefetch
2015-06-25 19:13:01 ----RD---- C:\Program Files
2015-06-25 19:07:45 ----D---- C:\WINDOWS\system32\drivers
2015-06-25 19:07:14 ----SHD---- C:\System Volume Information
2015-06-25 19:04:05 ----D---- C:\AdwCleaner
2015-06-25 19:00:46 ----D---- C:\Program Files (x86)\Steam
2015-06-25 19:00:43 ----DC---- C:\WINDOWS\Panther
2015-06-25 19:00:43 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-25 19:00:43 ----D---- C:\WINDOWS\Logs
2015-06-25 19:00:43 ----D---- C:\WINDOWS\Inf
2015-06-25 19:00:43 ----D---- C:\WINDOWS\debug
2015-06-25 17:31:27 ----D---- C:\WINDOWS\system32\Tasks
2015-06-25 17:26:38 ----RD---- C:\Program Files (x86)
2015-06-25 17:26:38 ----HD---- C:\ProgramData
2015-06-25 17:17:11 ----D---- C:\WINDOWS\system32\config
2015-06-25 17:03:02 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-25 17:02:50 ----D---- C:\WINDOWS\WinSxS
2015-06-25 17:00:05 ----D---- C:\WINDOWS\system32\sru
2015-06-25 16:54:35 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-25 16:49:14 ----D---- C:\ProgramData\Origin
2015-06-25 16:49:12 ----SD---- C:\ProgramData\Microsoft
2015-06-25 16:46:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-06-25 16:43:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-24 20:20:56 ----D---- C:\WINDOWS\CbsTemp
2015-06-24 20:20:46 ----D---- C:\WINDOWS\SysWOW64
2015-06-23 07:09:42 ----SHD---- C:\WINDOWS\Installer
2015-06-23 00:00:22 ----RSD---- C:\WINDOWS\assembly
2015-06-22 17:54:32 ----D---- C:\WINDOWS\LiveKernelReports
2015-06-21 13:14:55 ----D---- C:\WINDOWS\AppReadiness
2015-06-21 13:14:54 ----HD---- C:\Program Files\WindowsApps
2015-06-20 12:36:58 ----D---- C:\WINDOWS\Tasks
2015-06-20 05:02:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-06-18 22:51:27 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2015-06-18 22:05:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-13 23:34:15 ----D---- C:\WINDOWS\system32\NDF
2015-06-13 17:09:40 ----D---- C:\WINDOWS\system32\catroot2
2015-06-11 20:53:57 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2015-06-11 20:52:27 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2015-06-11 18:03:09 ----D---- C:\WINDOWS\rescache
2015-06-11 15:35:32 ----D---- C:\Program Files\Common Files
2015-06-10 23:57:50 ----RD---- C:\WINDOWS\ToastData
2015-06-10 23:57:50 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-10 23:57:50 ----D---- C:\Program Files\Internet Explorer
2015-06-10 19:14:40 ----D---- C:\WINDOWS\system32\MRT
2015-06-10 19:11:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-07 16:33:53 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-07 16:33:53 ----D---- C:\WINDOWS\system32\appraiser
2015-06-07 16:33:53 ----D---- C:\WINDOWS\apppatch
2015-06-03 21:02:31 ----D---- C:\Program Files (x86)\Origin
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem45.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem36.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-22 91648]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-03-17 25816]
R3 RSUSBSTOR;@oem43.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2015-01-31 263896]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-01-30 544768]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\System32\drivers\usbfilter.sys [2012-07-17 57000]
S0 amdkmafd;@oem24.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SymELAM.sys [2014-08-26 23568]
S3 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20150617.001\BHDrvx64.sys [2015-06-17 1648880]
S3 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [2014-02-21 162392]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-06-05 489776]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-05-27 145200]
S3 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20150624.001\IDSvia64.sys [2015-06-20 692984]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-03-17 64216]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.037\ENG64.SYS [2015-06-25 138488]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.037\EX64.SYS [2015-06-25 2146040]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [2014-08-26 876248]
S3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [2014-08-26 37592]
S3 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS [2014-08-26 493656]
S3 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [2014-08-26 1148120]
S3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2015-02-01 177752]
S3 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [2014-08-06 266968]
S3 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [2014-08-26 593112]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-06-25 37624]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-06-11 76152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-01-30 331776]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [2015-03-07 276336]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-27 1910640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
-----------------EOF-----------------
Run by HP at 2015-06-25 19:16:11
Microsoft Windows 8.1
System drive C: has 671 GB (71%) free of 938 GB
Total RAM: 8133 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:13, on 25. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files\trend micro\HP.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6202 bytes
======List of files/folders created in the last 1 month======
2015-06-25 19:15:33 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-25 19:13:01 ----D---- C:\rsit
2015-06-25 19:13:01 ----D---- C:\Program Files\trend micro
2015-06-25 19:07:39 ----A---- C:\TDSSKiller.3.0.0.16_25.06.2015_19.07.39_log.txt
2015-06-25 17:27:47 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-06-25 17:26:38 ----D---- C:\ProgramData\Malwarebytes
2015-06-25 17:26:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-25 17:26:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-06-25 17:26:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-06-25 17:26:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-06-25 17:22:45 ----D---- C:\Program Files\CCleaner
2015-06-25 16:48:30 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2015-06-25 16:48:29 ----D---- C:\ProgramData\RogueKiller
2015-06-25 16:46:14 ----A---- C:\WINDOWS\system32\drivers\athuw8x.sys
2015-06-25 16:46:14 ----A---- C:\WINDOWS\system32\athuw8x.sys
2015-06-25 16:44:59 ----D---- C:\ProgramData\TP-LINK
2015-06-23 07:09:39 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-06-23 07:09:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-06-11 15:35:32 ----D---- C:\Program Files\Common Files\AV
2015-06-10 16:48:23 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-10 16:48:23 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-10 16:48:21 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-06-10 16:48:21 ----A---- C:\WINDOWS\system32\localspl.dll
2015-06-10 16:48:20 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-06-10 16:48:20 ----A---- C:\WINDOWS\system32\compstui.dll
2015-06-10 16:48:18 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-06-10 16:48:18 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-06-10 16:48:17 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-06-10 16:48:17 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-06-10 16:48:16 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-06-10 16:48:08 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-06-10 16:48:08 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\tquery.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssph.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\authz.dll
2015-06-10 16:48:06 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-10 16:48:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-10 16:48:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-10 16:48:02 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-10 16:47:47 ----A---- C:\WINDOWS\system32\win32k.sys
2015-06-06 00:37:27 ----D---- C:\Spacekace
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-05 18:00:48 ----A---- C:\WINDOWS\system32\aepdu.dll
======List of files/folders modified in the last 1 month======
2015-06-25 19:15:57 ----D---- C:\WINDOWS\Temp
2015-06-25 19:15:43 ----D---- C:\Windows
2015-06-25 19:15:33 ----RD---- C:\WINDOWS\System32
2015-06-25 19:15:05 ----D---- C:\WINDOWS\Prefetch
2015-06-25 19:13:01 ----RD---- C:\Program Files
2015-06-25 19:07:45 ----D---- C:\WINDOWS\system32\drivers
2015-06-25 19:07:14 ----SHD---- C:\System Volume Information
2015-06-25 19:04:05 ----D---- C:\AdwCleaner
2015-06-25 19:00:46 ----D---- C:\Program Files (x86)\Steam
2015-06-25 19:00:43 ----DC---- C:\WINDOWS\Panther
2015-06-25 19:00:43 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-25 19:00:43 ----D---- C:\WINDOWS\Logs
2015-06-25 19:00:43 ----D---- C:\WINDOWS\Inf
2015-06-25 19:00:43 ----D---- C:\WINDOWS\debug
2015-06-25 17:31:27 ----D---- C:\WINDOWS\system32\Tasks
2015-06-25 17:26:38 ----RD---- C:\Program Files (x86)
2015-06-25 17:26:38 ----HD---- C:\ProgramData
2015-06-25 17:17:11 ----D---- C:\WINDOWS\system32\config
2015-06-25 17:03:02 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-25 17:02:50 ----D---- C:\WINDOWS\WinSxS
2015-06-25 17:00:05 ----D---- C:\WINDOWS\system32\sru
2015-06-25 16:54:35 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-25 16:49:14 ----D---- C:\ProgramData\Origin
2015-06-25 16:49:12 ----SD---- C:\ProgramData\Microsoft
2015-06-25 16:46:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-06-25 16:43:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-24 20:20:56 ----D---- C:\WINDOWS\CbsTemp
2015-06-24 20:20:46 ----D---- C:\WINDOWS\SysWOW64
2015-06-23 07:09:42 ----SHD---- C:\WINDOWS\Installer
2015-06-23 00:00:22 ----RSD---- C:\WINDOWS\assembly
2015-06-22 17:54:32 ----D---- C:\WINDOWS\LiveKernelReports
2015-06-21 13:14:55 ----D---- C:\WINDOWS\AppReadiness
2015-06-21 13:14:54 ----HD---- C:\Program Files\WindowsApps
2015-06-20 12:36:58 ----D---- C:\WINDOWS\Tasks
2015-06-20 05:02:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-06-18 22:51:27 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2015-06-18 22:05:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-13 23:34:15 ----D---- C:\WINDOWS\system32\NDF
2015-06-13 17:09:40 ----D---- C:\WINDOWS\system32\catroot2
2015-06-11 20:53:57 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2015-06-11 20:52:27 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2015-06-11 18:03:09 ----D---- C:\WINDOWS\rescache
2015-06-11 15:35:32 ----D---- C:\Program Files\Common Files
2015-06-10 23:57:50 ----RD---- C:\WINDOWS\ToastData
2015-06-10 23:57:50 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-10 23:57:50 ----D---- C:\Program Files\Internet Explorer
2015-06-10 19:14:40 ----D---- C:\WINDOWS\system32\MRT
2015-06-10 19:11:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-07 16:33:53 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-07 16:33:53 ----D---- C:\WINDOWS\system32\appraiser
2015-06-07 16:33:53 ----D---- C:\WINDOWS\apppatch
2015-06-03 21:02:31 ----D---- C:\Program Files (x86)\Origin
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem45.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem36.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-22 91648]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-03-17 25816]
R3 RSUSBSTOR;@oem43.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2015-01-31 263896]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-01-30 544768]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\System32\drivers\usbfilter.sys [2012-07-17 57000]
S0 amdkmafd;@oem24.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SymELAM.sys [2014-08-26 23568]
S3 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20150617.001\BHDrvx64.sys [2015-06-17 1648880]
S3 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [2014-02-21 162392]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-06-05 489776]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-05-27 145200]
S3 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20150624.001\IDSvia64.sys [2015-06-20 692984]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-03-17 64216]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.037\ENG64.SYS [2015-06-25 138488]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.037\EX64.SYS [2015-06-25 2146040]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [2014-08-26 876248]
S3 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [2014-08-26 37592]
S3 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS [2014-08-26 493656]
S3 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [2014-08-26 1148120]
S3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2015-02-01 177752]
S3 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [2014-08-06 266968]
S3 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [2014-08-26 593112]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-06-25 37624]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-06-11 76152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-01-30 331776]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [2015-03-07 276336]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-27 1910640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
-----------------EOF-----------------
- Rudy
- Site Admin

Re: PC freezes
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: PC freezes
Again the scan could not be run. I had to restart the PC and immediately start ADW
# AdwCleaner v4.207 - Log vytvořen 26/06/2015 v 08:51:48
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : HP - PC-HP
# Spuštěno z : C:\Users\HP\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.130
*************************
AdwCleaner[R0].txt - [10417 bytů] - [30/09/2014 20:49:15]
AdwCleaner[R1].txt - [843 bytů] - [26/06/2015 08:51:01]
AdwCleaner[S0].txt - [9680 bytů] - [30/09/2014 20:50:35]
AdwCleaner[S1].txt - [769 bytů] - [26/06/2015 08:51:48]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [826 bytů] ##########
- Rudy
- Site Admin

Re: PC freezes
OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Re: PC freezes
I uninstalled Norton and then did a fresh install, and it looks OK
Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2015-06-27 11:08:44
Microsoft Windows 8.1
System drive C: has 680 GB (72%) free of 938 GB
Total RAM: 8133 MB (87% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:46, on 27. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\HP.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6107 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spoolsv.exe
taskhostex.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll" /prefetch:1
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /c /a /s UserSession2
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1188 CREDAT:267521 /prefetch:2
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1694331133-1373063566-3514709734-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1694331133-1373063566-3514709734-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\HP\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForHP.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-26 392336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-01-30 1702912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-06-26 3632472]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-27 11:08:44 ----D---- C:\rsit
2015-06-27 11:06:50 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-27 11:05:37 ----D---- C:\_OTM
2015-06-26 11:56:07 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-06-26 11:56:07 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT64x86.SYS
2015-06-26 11:55:36 ----D---- C:\WINDOWS\system32\drivers\NISx64
2015-06-26 11:55:34 ----D---- C:\Program Files (x86)\Norton Internet Security
2015-06-26 10:49:25 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-06-26 10:46:11 ----D---- C:\AdwCleaner
2015-06-25 19:13:01 ----D---- C:\Program Files\trend micro
2015-06-25 17:26:38 ----D---- C:\ProgramData\Malwarebytes
2015-06-25 17:22:45 ----D---- C:\Program Files\CCleaner
2015-06-25 16:48:30 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2015-06-25 16:48:29 ----D---- C:\ProgramData\RogueKiller
2015-06-25 16:46:14 ----A---- C:\WINDOWS\system32\drivers\athuw8x.sys
2015-06-25 16:46:14 ----A---- C:\WINDOWS\system32\athuw8x.sys
2015-06-25 16:44:59 ----D---- C:\ProgramData\TP-LINK
2015-06-23 07:09:39 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-06-23 07:09:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-06-11 15:35:32 ----D---- C:\Program Files\Common Files\AV
2015-06-10 16:48:23 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-10 16:48:23 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-10 16:48:21 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-06-10 16:48:21 ----A---- C:\WINDOWS\system32\localspl.dll
2015-06-10 16:48:20 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-06-10 16:48:20 ----A---- C:\WINDOWS\system32\compstui.dll
2015-06-10 16:48:18 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-06-10 16:48:18 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-06-10 16:48:17 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-06-10 16:48:17 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-06-10 16:48:16 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-06-10 16:48:08 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-06-10 16:48:08 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-06-10 16:48:07 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\tquery.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\mssph.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-10 16:48:07 ----A---- C:\WINDOWS\system32\authz.dll
2015-06-10 16:48:06 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-10 16:48:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-10 16:48:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-10 16:48:02 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-10 16:48:01 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-10 16:48:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-10 16:47:59 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-10 16:47:58 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-10 16:47:47 ----A---- C:\WINDOWS\system32\win32k.sys
2015-06-06 00:37:27 ----D---- C:\Spacekace
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-05 18:00:48 ----A---- C:\WINDOWS\system32\aepdu.dll
======List of files/folders modified in the last 1 month======
2015-06-27 11:07:47 ----D---- C:\WINDOWS\Prefetch
2015-06-27 11:07:00 ----D---- C:\Windows
2015-06-27 11:06:50 ----RD---- C:\WINDOWS\System32
2015-06-27 11:05:37 ----D---- C:\WINDOWS\Tasks
2015-06-27 11:05:17 ----D---- C:\WINDOWS\Temp
2015-06-27 11:05:11 ----HD---- C:\Program Files\WindowsApps
2015-06-27 11:05:03 ----D---- C:\WINDOWS\AppReadiness
2015-06-27 11:04:07 ----D---- C:\WINDOWS\system32\Tasks
2015-06-27 11:02:59 ----D---- C:\Program Files (x86)\Steam
2015-06-27 11:00:58 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-27 11:00:56 ----D---- C:\WINDOWS\system32\sru
2015-06-26 12:06:32 ----D---- C:\Users\HP\AppData\Roaming\Origin
2015-06-26 12:06:26 ----D---- C:\ProgramData\Origin
2015-06-26 12:06:16 ----D---- C:\Program Files (x86)\Origin
2015-06-26 12:01:12 ----SHD---- C:\System Volume Information
2015-06-26 11:57:50 ----D---- C:\ProgramData\Norton
2015-06-26 11:56:07 ----HD---- C:\WINDOWS\ELAMBKUP
2015-06-26 11:56:07 ----D---- C:\WINDOWS\system32\drivers
2015-06-26 11:56:07 ----D---- C:\Program Files\Common Files
2015-06-26 11:55:34 ----RD---- C:\Program Files (x86)
2015-06-26 11:55:19 ----D---- C:\Program Files (x86)\NortonInstaller
2015-06-26 10:56:31 ----D---- C:\WINDOWS\Inf
2015-06-26 10:56:31 ----D---- C:\WINDOWS\debug
2015-06-26 10:54:27 ----D---- C:\WINDOWS\system32\wdi
2015-06-26 10:47:40 ----RD---- C:\Program Files
2015-06-26 10:08:25 ----D---- C:\WINDOWS\system32\config
2015-06-26 10:04:09 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-26 10:02:53 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-25 19:00:43 ----DC---- C:\WINDOWS\Panther
2015-06-25 19:00:43 ----D---- C:\WINDOWS\Logs
2015-06-25 17:26:38 ----HD---- C:\ProgramData
2015-06-25 17:02:50 ----D---- C:\WINDOWS\WinSxS
2015-06-25 16:49:12 ----SD---- C:\ProgramData\Microsoft
2015-06-25 16:46:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-06-25 16:43:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-24 20:20:56 ----D---- C:\WINDOWS\CbsTemp
2015-06-24 20:20:46 ----D---- C:\WINDOWS\SysWOW64
2015-06-23 07:09:42 ----SHD---- C:\WINDOWS\Installer
2015-06-23 00:00:22 ----RSD---- C:\WINDOWS\assembly
2015-06-22 17:54:32 ----D---- C:\WINDOWS\LiveKernelReports
2015-06-20 05:02:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-06-18 22:51:27 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2015-06-18 22:05:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-13 23:34:15 ----D---- C:\WINDOWS\system32\NDF
2015-06-13 17:09:40 ----D---- C:\WINDOWS\system32\catroot2
2015-06-11 20:53:57 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2015-06-11 20:52:27 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2015-06-11 18:03:09 ----D---- C:\WINDOWS\rescache
2015-06-10 23:57:50 ----RD---- C:\WINDOWS\ToastData
2015-06-10 23:57:50 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-10 23:57:50 ----D---- C:\Program Files\Internet Explorer
2015-06-10 19:14:40 ----D---- C:\WINDOWS\system32\MRT
2015-06-10 19:11:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-07 16:33:53 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-07 16:33:53 ----D---- C:\WINDOWS\system32\appraiser
2015-06-07 16:33:53 ----D---- C:\WINDOWS\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2014-08-26 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-08-26 1148120]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [2014-08-26 1530160]
R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2014-02-21 162392]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20140717.001\IDSVia64.sys [2014-08-26 525016]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMNETS.SYS [2014-08-26 593112]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem45.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem36.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-22 91648]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 RSUSBSTOR;@oem43.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2015-01-31 263896]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-01-30 544768]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [2015-06-26 177752]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\System32\drivers\usbfilter.sys [2012-07-17 57000]
S0 amdkmafd;@oem24.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SymELAM.sys [2014-08-26 23568]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150131.003\ENG64.SYS [2014-11-15 129752]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150131.003\EX64.SYS [2014-11-15 2137304]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-06-25 37624]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-06-11 76152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-01-30 331776]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-06-26 1997168]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
-----------------EOF-----------------
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 16:47:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-10 16:47:47 ----A---- C:\WINDOWS\system32\win32k.sys
2015-06-06 00:37:27 ----D---- C:\Spacekace
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:00:50 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:00:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-05 18:00:48 ----A---- C:\WINDOWS\system32\aepdu.dll
======List of files/folders modified in the last 1 month======
2015-06-27 11:07:47 ----D---- C:\WINDOWS\Prefetch
2015-06-27 11:07:00 ----D---- C:\Windows
2015-06-27 11:06:50 ----RD---- C:\WINDOWS\System32
2015-06-27 11:05:37 ----D---- C:\WINDOWS\Tasks
2015-06-27 11:05:17 ----D---- C:\WINDOWS\Temp
2015-06-27 11:05:11 ----HD---- C:\Program Files\WindowsApps
2015-06-27 11:05:03 ----D---- C:\WINDOWS\AppReadiness
2015-06-27 11:04:07 ----D---- C:\WINDOWS\system32\Tasks
2015-06-27 11:02:59 ----D---- C:\Program Files (x86)\Steam
2015-06-27 11:00:58 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-27 11:00:56 ----D---- C:\WINDOWS\system32\sru
2015-06-26 12:06:32 ----D---- C:\Users\HP\AppData\Roaming\Origin
2015-06-26 12:06:26 ----D---- C:\ProgramData\Origin
2015-06-26 12:06:16 ----D---- C:\Program Files (x86)\Origin
2015-06-26 12:01:12 ----SHD---- C:\System Volume Information
2015-06-26 11:57:50 ----D---- C:\ProgramData\Norton
2015-06-26 11:56:07 ----HD---- C:\WINDOWS\ELAMBKUP
2015-06-26 11:56:07 ----D---- C:\WINDOWS\system32\drivers
2015-06-26 11:56:07 ----D---- C:\Program Files\Common Files
2015-06-26 11:55:34 ----RD---- C:\Program Files (x86)
2015-06-26 11:55:19 ----D---- C:\Program Files (x86)\NortonInstaller
2015-06-26 10:56:31 ----D---- C:\WINDOWS\Inf
2015-06-26 10:56:31 ----D---- C:\WINDOWS\debug
2015-06-26 10:54:27 ----D---- C:\WINDOWS\system32\wdi
2015-06-26 10:47:40 ----RD---- C:\Program Files
2015-06-26 10:08:25 ----D---- C:\WINDOWS\system32\config
2015-06-26 10:04:09 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-26 10:02:53 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-25 19:00:43 ----DC---- C:\WINDOWS\Panther
2015-06-25 19:00:43 ----D---- C:\WINDOWS\Logs
2015-06-25 17:26:38 ----HD---- C:\ProgramData
2015-06-25 17:02:50 ----D---- C:\WINDOWS\WinSxS
2015-06-25 16:49:12 ----SD---- C:\ProgramData\Microsoft
2015-06-25 16:46:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-06-25 16:43:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-24 20:20:56 ----D---- C:\WINDOWS\CbsTemp
2015-06-24 20:20:46 ----D---- C:\WINDOWS\SysWOW64
2015-06-23 07:09:42 ----SHD---- C:\WINDOWS\Installer
2015-06-23 00:00:22 ----RSD---- C:\WINDOWS\assembly
2015-06-22 17:54:32 ----D---- C:\WINDOWS\LiveKernelReports
2015-06-20 05:02:45 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-06-18 22:51:27 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2015-06-18 22:05:52 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-13 23:34:15 ----D---- C:\WINDOWS\system32\NDF
2015-06-13 17:09:40 ----D---- C:\WINDOWS\system32\catroot2
2015-06-11 20:53:57 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2015-06-11 20:52:27 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2015-06-11 18:03:09 ----D---- C:\WINDOWS\rescache
2015-06-10 23:57:50 ----RD---- C:\WINDOWS\ToastData
2015-06-10 23:57:50 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-10 23:57:50 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-10 23:57:50 ----D---- C:\Program Files\Internet Explorer
2015-06-10 19:14:40 ----D---- C:\WINDOWS\system32\MRT
2015-06-10 19:11:29 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-07 16:33:53 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-07 16:33:53 ----D---- C:\WINDOWS\system32\appraiser
2015-06-07 16:33:53 ----D---- C:\WINDOWS\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2014-08-26 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-08-26 1148120]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [2014-08-26 1530160]
R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2014-02-21 162392]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20140717.001\IDSVia64.sys [2014-08-26 525016]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SYMNETS.SYS [2014-08-26 593112]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem45.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem36.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-22 91648]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 RSUSBSTOR;@oem43.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2015-01-31 263896]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-01-30 544768]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [2015-06-26 177752]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\System32\drivers\usbfilter.sys [2012-07-17 57000]
S0 amdkmafd;@oem24.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SymELAM.sys [2014-08-26 23568]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150131.003\ENG64.SYS [2014-11-15 129752]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150131.003\EX64.SYS [2014-11-15 2137304]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\system32\drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-06-25 37624]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2015-06-11 76152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-01-30 331776]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-06-26 1997168]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30 107912]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119676
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: PC freezes
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.