Please check my log

Posted: 19 Feb 2013 16:39
by josebor
Good day, I am asking for a log check, because my AV N360 switches itself off on its own, sometimes the cursor starts moving across the screen by itself, and the WiFi on my router is running although I am not connected wirelessly. Thank you in advance for your help, and I trust you will be patient with me, as I am an older gentleman.

Logfile of random's system information tool 1.06 (written by random/random)
Run by PackardBell at 2013-02-19 16:00:22
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (62%) free of 45 GB
Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:29, on 19.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Katka\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\PackardBell.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.2.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.2.1.22\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.2.1.22\coIEPlg.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-789336058-1383384898-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Katka')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7771959437
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 4759 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton 360\Engine\20.2.1.22\coIEPlg.dll [2013-01-09 509264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton 360\Engine\20.2.1.22\IPS\IPSBHO.DLL [2012-09-06 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-05-18 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-05-18 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-05-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\20.2.1.22\coIEPlg.dll [2013-01-09 509264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Documents and Settings\PackardBell\Local Settings\Temp\7zS534C\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\PackardBell\Local Settings\Temp\7zS534C\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\Documents and Settings\PackardBell\Local Settings\Temp\7zS53C5\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\PackardBell\Local Settings\Temp\7zS53C5\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2013-02-18 18:38:37 ----D---- C:\WINDOWS\LastGood
2013-02-18 18:20:16 ----A---- C:\WINDOWS\ntbtlog.txt
2013-02-11 15:37:07 ----D---- C:\Documents and Settings\PackardBell\Data aplikací\ElevatedDiagnostics
2013-02-11 15:35:41 ----D---- C:\WINDOWS\system32\windowspowershell
2013-02-11 15:35:32 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2013-02-08 16:51:30 ----D---- C:\Program Files\Symantec
2013-02-08 16:51:30 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-08 16:49:57 ----D---- C:\Program Files\Norton 360
2013-01-29 18:34:06 ----D---- C:\Program Files\Common Files\Skype
2013-01-29 18:34:05 ----RD---- C:\Program Files\Skype
2013-01-26 18:02:54 ----D---- C:\Program Files\trend micro
2013-01-26 18:02:51 ----D---- C:\rsit

======List of files/folders modified in the last 1 months======

2013-02-19 16:00:29 ----D---- C:\WINDOWS\Prefetch
2013-02-19 16:00:23 ----D---- C:\WINDOWS\Temp
2013-02-18 18:38:39 ----HD---- C:\WINDOWS\inf
2013-02-18 18:38:39 ----D---- C:\WINDOWS\system32\drivers
2013-02-18 18:38:37 ----D---- C:\WINDOWS
2013-02-18 18:32:11 ----A---- C:\boot.ini
2013-02-18 18:25:04 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-18 18:22:17 ----SHD---- C:\System Volume Information
2013-02-18 18:19:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-18 17:18:26 ----D---- C:\WINDOWS\system32
2013-02-14 14:31:51 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-11 17:29:12 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-11 17:19:57 ----RSD---- C:\WINDOWS\assembly
2013-02-11 16:43:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-11 16:38:41 ----D---- C:\WINDOWS\system32\config
2013-02-11 16:35:43 ----A---- C:\WINDOWS\wincmd.ini
2013-02-11 16:03:36 ----D---- C:\Program Files\Mozilla Firefox
2013-02-11 16:01:34 ----D---- C:\WINDOWS\AppPatch
2013-02-11 16:01:33 ----RD---- C:\Program Files
2013-02-11 15:21:45 ----SHD---- C:\WINDOWS\Installer
2013-02-11 15:21:44 ----HD---- C:\Config.Msi
2013-02-11 15:21:10 ----D---- C:\WINDOWS\WinSxS
2013-02-11 15:20:25 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-11 15:20:18 ----D---- C:\Program Files\Internet Explorer
2013-02-11 15:20:12 ----D---- C:\WINDOWS\pchealth
2013-02-11 15:13:44 ----A---- C:\WINDOWS\imsins.BAK
2013-02-08 16:51:30 ----D---- C:\Program Files\Common Files
2013-02-08 16:49:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2013-02-08 16:49:32 ----D---- C:\Program Files\NortonInstaller
2013-02-02 16:30:50 ----SD---- C:\Documents and Settings\PackardBell\Data aplikací\Microsoft
2013-01-29 18:34:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-01-20 20:07:18 ----D---- C:\Program Files\Windows Media Player
2013-01-20 20:05:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-01-20 19:55:30 ----A---- C:\WINDOWS\win.ini
2013-01-20 19:53:31 ----D---- C:\WINDOWS\Help
2013-01-20 19:53:30 ----D---- C:\Program Files\Windows Media Connect 2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130208.001\BHDrvx86.sys []
R1 ccSet_N360;Norton 360 Settings Manager; C:\WINDOWS\system32\drivers\N360\1402010.016\ccSetx86.sys [2012-08-20 134304]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\1402010.016\SRTSPX.SYS [2012-09-06 32888]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\1402010.016\Ironx86.SYS [2012-09-06 175264]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\N360\1402010.016\SYMTDI.SYS [2012-09-06 394656]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 26600]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130216.001\IDSxpx86.sys []
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2008-04-14 126686]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130218.025\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130218.025\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2008-04-14 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2008-04-14 13240]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\N360\1402010.016\SRTSP.SYS [2012-10-08 586400]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2012-09-06 44064]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2008-04-14 1309184]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2008-04-14 180360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2008-04-14 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2012-09-06 44064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-05-18 153376]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe [2012-12-04 143928]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

-----------------EOF-----------------

Re: Please check my log

Posted: 19 Feb 2013 20:06
by Rudy
Greetings!
Apart from a few unnecessary entries, the log looks clean.

Double-click the file C:\Program Files\trend micro\PackardBell.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the boxes on the left next to:
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-789336058-1383384898-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Katka')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
Click >FixChecked< and restart the PC. Try reinstalling Norton. If you do not connect over WiFi, you have to turn off the WiFi on the router itself. Having WiFi turned on does no harm, though. If Norton still switches itself off after the reinstall, let us know and we will choose a different approach.

Re: Please check my log

Posted: 19 Feb 2013 21:35
by josebor
Thank you for the advice, done. I had already reinstalled the AV before, and the problems have recurred 3 times. The problem with the WiFi is that the LED indicates activity at times when I am not connected. I use the WiFi to connect the notebook. I also have one more problem, which I am not really even trying to solve. It is more about the behaviour of WMP. When playing from USB or DVD, the first clip plays normally with sound, without trouble. The second clip of the same film plays the picture without sound, the third clip sometimes has sound and sometimes not, the fourth plays with sound. The same film runs without problems on the notebook. Have you come across anything similar? I have followed several different forums myself, but found nothing. What next?
Edit: Norton AV has just thrown an error again.

Re: Please check my log

Posted: 19 Feb 2013 22:48
by Rudy
Someone else within range in your neighbourhood is probably connecting to your WiFi. As for WMP: try reinstalling the codecs, or use a different player. For my taste, WMP is a rather cumbersome program. I use KMPlayer: http://www.stahuj.centrum.cz/multimedia ... /kmplayer/ . Also post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator rights

right after start-up a screen with the licence terms appears; continue by clicking the Yes button.

calmly go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield

Re: Please check my log

Posted: 20 Feb 2013 15:34
by josebor
Good day, here is the ComboFix log.

ComboFix 13-02-18.02 - PackardBell 20.02.2013 15:19:08.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1296 [GMT 1:00]
Spuštěný z: c:\documents and settings\PackardBell\Plocha\ComboFix.exe
AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-20 do 2013-02-20 )))))))))))))))))))))))))))))))
.
.
2013-02-18 17:38 . 2012-09-06 18:05 44064 ----a-r- c:\windows\system32\drivers\SymIM.sys
2013-02-11 14:37 . 2013-02-11 14:37 -------- d-----w- c:\documents and settings\PackardBell\Data aplikací\ElevatedDiagnostics
2013-02-08 15:51 . 2013-02-08 16:00 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-02-08 15:51 . 2013-02-08 15:51 -------- d-----w- c:\program files\Symantec
2013-02-08 15:51 . 2013-02-08 15:51 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-02-08 15:49 . 2013-02-08 15:50 -------- d-----w- c:\program files\Norton 360
2013-01-29 17:34 . 2013-01-29 17:34 -------- d-----w- c:\program files\Common Files\Skype
2013-01-29 17:34 . 2013-01-29 17:34 -------- d-----r- c:\program files\Skype
2013-01-26 17:02 . 2013-02-19 20:17 -------- d-----w- c:\program files\trend micro
2013-01-26 17:02 . 2013-01-26 17:03 -------- d-----w- C:\rsit
2013-01-23 15:36 . 2013-02-08 15:56 -------- d-----w- c:\windows\system32\drivers\N360\1402010.016
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 12:23 . 2008-04-14 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2011-08-12 06:10 . 2012-05-18 07:14 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
.
c:\documents and settings\Default User\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1402010.016\SymDS.sys [8.2.2013 16:50 368288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1402010.016\SymEFA.sys [8.2.2013 16:50 927904]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130208.001\BHDrvx86.sys [13.2.2013 15:40 997464]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1402010.016\ccSetx86.sys [8.2.2013 16:50 134304]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1402010.016\Ironx86.sys [8.2.2013 16:50 175264]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe [8.2.2013 16:50 143928]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [11.2.2013 16:30 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130216.001\IDSXpx86.sys [19.2.2013 11:23 373728]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 93.181.97.1 192.168.0.1
FF - ProfilePath - c:\documents and settings\PackardBell\Data aplikací\Mozilla\Firefox\Profiles\zqfil1mm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-20 15:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.2.1.22\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3404)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-02-20 15:30:26
ComboFix-quarantined-files.txt 2013-02-20 14:30
.
Před spuštěním: Volných bajtů: 29 206 355 968
Po spuštění: Volných bajtů: 29 174 173 696
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 2225381BAE830AD105D9EEBF34F2D374

Re: Please check my log

Posted: 20 Feb 2013 18:38
by Rudy
The log looks OK. Try reinstalling the antivirus.

Re: Please check my log

Posted: 20 Feb 2013 18:58
by josebor
Good day. I reinstalled the antivirus today, because it kept crashing with an error. I will see how the PC behaves. Please advise how to find out who is connecting to my WiFi. In the afternoon the network was quiet and now it is running like mad again. Thank you.

Re: Please check my log

Posted: 20 Feb 2013 19:13
by Rudy
josebor wrote: Please advise how to find out who is connecting to my WiFi.
That is hard to do with ordinary means. If you have a so-called open WiFi and it bothers you that someone connects to it, change it to a secured one (with a password). If it is secured, change the password.

Re: Please check my log

Posted: 20 Feb 2013 19:49
by josebor
Thank you for the advice, I will try a new password and we will see. Thanks for now, and if anything comes up, I will try to get in touch. I wish you every success and all the best.

Re: please check

Posted: 20 Feb 2013 20:55
by Rudy
I wish you the same, and you're welcome! :)

Re: please check

Posted: 05 Mar 2013 15:41
by josebor
Have a nice day, the PC is running fine so far. I have a question. When I need a check again, should I start a new topic or can I use this one? I would also like to have the notebook checked. Can I do that in this topic, or do I have to start a new one? Thank you for your reply.

Re: please check

Posted: 05 Mar 2013 19:19
by Rudy
The topic is unlocked, feel free to post a new log. :)

Re: please check

Posted: 05 Mar 2013 19:59
by josebor
Here is the RSIT log from the notebook; please check the log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Josef at 2013-03-05 19:39:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 77 GB (70%) free of 110 GB
Total RAM: 3955 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:35, on 5.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
F:\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Josef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1912636707-3705121007-1248075270-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Bob')
O4 - HKUS\S-1-5-21-1912636707-3705121007-1248075270-1001\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin (User 'Bob')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - S-1-5-21-1912636707-3705121007-1248075270-1001 Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Bob')
O4 - S-1-5-21-1912636707-3705121007-1248075270-1001 User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Bob')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12430 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 23479120
\??\C:\Windows\system32\conhost.exe "1384479256-432454642-1238710336-214399336111380410521877873174-1846232787-2041922314
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1852
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
atieclxx
"taskhost.exe"
"C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe" /c /a /s UserSession2
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {5FF28C6B-3056-4D8F-8F53-9B85C89396A3}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4384.89fbac0.993821946 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4384 plugin \\.\pipe\gecko-crash-server-pipe.4384
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"F:\totalcmd\TOTALCMD.EXE"
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"F:\UTILITY\RSIT\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\7dug1h6c.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
prefs.js - "extensions.enabledItems" - "{BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 1, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll [2013-02-01 512408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL [2012-06-21 210400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll [2013-02-01 512408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-07-28 2120808]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-27 16:57:22 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 16:57:22 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 16:57:22 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 16:57:22 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 16:57:20 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 16:57:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 16:57:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 16:57:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 16:57:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 16:57:11 ----A---- C:\Windows\system32\ieframe.dll
2013-02-27 16:57:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-27 16:57:08 ----A---- C:\Windows\system32\mshtml.dll
2013-02-27 16:57:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-27 16:57:05 ----A---- C:\Windows\system32\wininet.dll
2013-02-27 16:57:05 ----A---- C:\Windows\system32\iertutil.dll
2013-02-27 16:57:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-27 16:57:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-27 16:57:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-27 16:57:04 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-27 16:57:03 ----A---- C:\Windows\system32\urlmon.dll
2013-02-27 16:57:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\url.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\ieui.dll
2013-02-27 16:56:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-27 16:56:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-27 16:56:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-27 16:56:42 ----A---- C:\Windows\system32\win32k.sys
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-27 16:56:41 ----A---- C:\Windows\system32\winsrv.dll
2013-02-27 16:56:40 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-27 16:56:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-27 16:56:39 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-18 18:30:48 ----RA---- C:\Windows\system32\drivers\SymIMV.sys
2013-02-08 15:32:01 ----A---- C:\Windows\system32\Wdfres.dll
2013-02-08 15:32:01 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-02-08 15:32:01 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-02-07 19:51:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-02-07 19:51:25 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-02-07 19:51:25 ----A---- C:\Windows\system32\atmlib.dll
2013-02-07 19:51:25 ----A---- C:\Windows\system32\atmfd.dll
2013-02-07 19:51:06 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-02-07 19:51:06 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-02-07 19:51:06 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-02-07 19:51:06 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-02-07 19:51:05 ----A---- C:\Windows\system32\WUDFx.dll
2013-02-07 19:51:05 ----A---- C:\Windows\system32\WUDFHost.exe
2013-02-07 19:51:05 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-02-07 19:49:13 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-02-07 19:49:13 ----A---- C:\Windows\system32\win32spl.dll
2013-02-07 19:49:06 ----A---- C:\Windows\system32\Wpc.dll
2013-02-07 19:49:05 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-02-07 19:49:05 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-02-07 19:49:05 ----A---- C:\Windows\system32\gameux.dll
2013-02-07 19:48:51 ----A---- C:\Windows\system32\shell32.dll
2013-02-07 19:48:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-02-07 19:48:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-02-07 19:48:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-02-07 19:48:37 ----A---- C:\Windows\system32\tzres.dll
2013-02-07 19:48:15 ----A---- C:\Windows\system32\schannel.dll
2013-02-07 19:48:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-02-07 19:48:15 ----A---- C:\Windows\system32\drivers\cng.sys
2013-02-07 19:48:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-02-07 19:48:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-02-07 19:48:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-02-07 19:48:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-02-07 19:48:13 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-02-07 19:48:13 ----A---- C:\Windows\system32\kerberos.dll
2013-02-07 19:48:12 ----A---- C:\Windows\system32\vbscript.dll
2013-02-07 19:48:12 ----A---- C:\Windows\system32\jscript.dll
2013-02-07 19:48:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-07 19:48:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-07 19:48:11 ----A---- C:\Windows\system32\msi.dll
2013-02-07 19:48:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-02-07 19:48:10 ----A---- C:\Windows\system32\taskhost.exe
2013-02-07 19:48:09 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-02-07 19:48:09 ----A---- C:\Windows\system32\synceng.dll
2013-02-07 19:48:09 ----A---- C:\Windows\system32\dpnet.dll
2013-02-07 19:48:08 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-02-07 19:47:55 ----A---- C:\Windows\system32\profsvc.dll
2013-02-07 19:47:49 ----A---- C:\Windows\system32\KernelBase.dll
2013-02-07 19:47:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-02-07 19:47:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-02-07 19:47:48 ----A---- C:\Windows\system32\kernel32.dll
2013-02-07 19:47:48 ----A---- C:\Windows\system32\conhost.exe
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\wow64win.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\wow64cpu.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\wow64.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\ntvdm64.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-07 19:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-02-07 19:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-02-07 19:47:36 ----A---- C:\Windows\system32\msxml6.dll
2013-02-07 19:47:36 ----A---- C:\Windows\system32\msxml3.dll
2013-02-07 19:47:35 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-02-07 19:47:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-02-07 19:47:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-02-07 19:47:35 ----A---- C:\Windows\system32\msxml3r.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\nlasvc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\nlaapi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\netevent.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\netcorehc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\ncsi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-02-07 19:47:34 ----A---- C:\Windows\system32\drivers\netio.sys
2013-02-07 19:47:27 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-02-07 19:47:27 ----A---- C:\Windows\system32\cdosys.dll
2013-02-07 19:47:21 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-02-07 19:47:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-02-07 19:47:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-02-07 19:47:19 ----A---- C:\Windows\system32\srcore.dll
2013-02-07 19:47:19 ----A---- C:\Windows\system32\ncrypt.dll
2013-02-07 19:47:19 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-02-07 19:47:19 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-02-07 19:47:18 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-02-07 19:47:18 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-02-07 19:47:18 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-02-07 19:47:18 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-02-07 19:47:16 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-02-07 19:47:16 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\netapi32.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\localspl.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\browser.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\browcli.dll
2013-02-07 19:47:15 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-02-07 19:47:15 ----A---- C:\Windows\system32\usp10.dll
2013-02-07 19:47:14 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-02-07 19:47:14 ----A---- C:\Windows\system32\wintrust.dll
2013-02-07 19:47:14 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-02-07 19:47:14 ----A---- C:\Windows\system32\rdpwsx.dll
2013-02-07 19:47:14 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-02-07 19:47:13 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-02-07 19:44:49 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-02-07 19:44:49 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-02-07 19:44:49 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-02-07 19:44:49 ----A---- C:\Windows\system32\cryptsvc.dll
2013-02-07 19:44:49 ----A---- C:\Windows\system32\cryptnet.dll
2013-02-07 19:44:49 ----A---- C:\Windows\system32\crypt32.dll
2013-02-07 19:42:10 ----A---- C:\Windows\system32\spoolsv.exe
2013-02-07 19:42:10 ----A---- C:\Windows\splwow64.exe
2013-02-07 17:48:35 ----D---- C:\Windows\system32\drivers\N360x64
2013-02-07 17:48:19 ----D---- C:\Program Files (x86)\Norton 360
2013-02-07 17:29:14 ----A---- C:\Windows\system32\wups2.dll
2013-02-07 17:29:14 ----A---- C:\Windows\system32\wuauclt.exe
2013-02-07 17:29:13 ----A---- C:\Windows\system32\wucltux.dll
2013-02-07 17:29:13 ----A---- C:\Windows\system32\wuaueng.dll
2013-02-07 17:29:10 ----A---- C:\Windows\system32\wups.dll
2013-02-07 17:29:10 ----A---- C:\Windows\system32\wudriver.dll
2013-02-07 17:29:10 ----A---- C:\Windows\system32\wuapi.dll
2013-02-07 17:29:06 ----A---- C:\Windows\system32\wuwebv.dll
2013-02-07 17:29:06 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2013-03-05 19:39:34 ----D---- C:\Program Files\trend micro
2013-03-05 19:39:30 ----D---- C:\Windows\Temp
2013-02-27 17:51:32 ----D---- C:\Windows\system32\config
2013-02-27 17:38:54 ----SHD---- C:\System Volume Information
2013-02-27 17:37:13 ----D---- C:\Windows\winsxs
2013-02-27 17:37:12 ----A---- C:\Windows\SYSWOW64\log.txt
2013-02-27 17:35:36 ----D---- C:\Windows\SysWOW64
2013-02-27 17:35:36 ----D---- C:\Windows\System32
2013-02-27 17:30:50 ----D---- C:\Windows\Microsoft.NET
2013-02-27 17:30:49 ----RSD---- C:\Windows\assembly
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\migration
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-27 17:06:04 ----D---- C:\Windows\system32\migration
2013-02-27 17:06:04 ----D---- C:\Windows\system32\drivers
2013-02-27 17:06:04 ----D---- C:\Windows\AppPatch
2013-02-27 17:06:04 ----D---- C:\Program Files\Internet Explorer
2013-02-27 17:06:04 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-02-27 17:06:02 ----D---- C:\Windows\SYSWOW64\en-US
2013-02-27 17:06:02 ----D---- C:\Windows\system32\zh-TW
2013-02-27 17:06:02 ----D---- C:\Windows\system32\zh-HK
2013-02-27 17:06:02 ----D---- C:\Windows\system32\zh-CN
2013-02-27 17:06:02 ----D---- C:\Windows\system32\tr-TR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\sv-SE
2013-02-27 17:06:02 ----D---- C:\Windows\system32\ru-RU
2013-02-27 17:06:02 ----D---- C:\Windows\system32\pt-PT
2013-02-27 17:06:02 ----D---- C:\Windows\system32\pt-BR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\pl-PL
2013-02-27 17:06:02 ----D---- C:\Windows\system32\nl-NL
2013-02-27 17:06:02 ----D---- C:\Windows\system32\nb-NO
2013-02-27 17:06:02 ----D---- C:\Windows\system32\ko-KR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\ja-JP
2013-02-27 17:06:02 ----D---- C:\Windows\system32\it-IT
2013-02-27 17:06:02 ----D---- C:\Windows\system32\hu-HU
2013-02-27 17:06:02 ----D---- C:\Windows\system32\fr-FR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\fi-FI
2013-02-27 17:06:02 ----D---- C:\Windows\system32\es-ES
2013-02-27 17:06:02 ----D---- C:\Windows\system32\el-GR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\de-DE
2013-02-27 17:06:02 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 17:06:01 ----D---- C:\Windows\system32\en-US
2013-02-27 17:06:01 ----D---- C:\Windows\system32\da-DK
2013-02-27 17:01:52 ----A---- C:\Windows\system32\MRT.exe
2013-02-27 17:01:47 ----SHD---- C:\Windows\Installer
2013-02-27 17:01:46 ----HD---- C:\Config.Msi
2013-02-27 17:00:20 ----D---- C:\Windows\inf
2013-02-27 17:00:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-27 16:58:02 ----D---- C:\Windows\system32\catroot
2013-02-27 16:58:00 ----D---- C:\Windows\system32\catroot2
2013-02-26 20:08:37 ----D---- C:\ProgramData\Adobe
2013-02-26 19:54:13 ----D---- C:\Windows\system32\NDF
2013-02-18 19:51:58 ----D---- C:\Windows\Prefetch
2013-02-18 18:30:45 ----D---- C:\Windows\system32\DriverStore
2013-02-08 15:46:01 ----D---- C:\Windows\system32\wbem
2013-02-08 15:46:01 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-02-07 21:15:22 ----RSD---- C:\Windows\Fonts
2013-02-07 21:15:20 ----D---- C:\Windows
2013-02-07 20:42:47 ----D---- C:\Windows\rescache
2013-02-07 18:23:27 ----D---- C:\Windows\system32\drivers\etc
2013-02-07 18:23:26 ----D---- C:\Windows\system32\drivers\UMDF
2013-02-07 18:23:19 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-07 18:23:18 ----D---- C:\Windows\system32\CodeIntegrity
2013-02-07 18:23:04 ----D---- C:\Windows\AppCompat
2013-02-07 18:23:03 ----D---- C:\Users\Josef\AppData\Roaming\GHISLER
2013-02-07 18:23:00 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-07 18:23:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-07 18:22:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-07 18:22:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-07 18:21:29 ----D---- C:\Windows\registration
2013-02-07 18:14:27 ----D---- C:\Windows\system32\Tasks
2013-02-07 18:05:29 ----RD---- C:\Program Files
2013-02-07 18:05:29 ----D---- C:\ProgramData\Malwarebytes
2013-02-07 18:05:24 ----D---- C:\Program Files\Common Files
2013-02-07 18:05:18 ----D---- C:\Program Files (x86)\NortonInstaller
2013-02-07 17:50:32 ----D---- C:\Program Files\Symantec
2013-02-07 17:48:19 ----RD---- C:\Program Files (x86)
2013-02-07 17:48:19 ----D---- C:\ProgramData\Norton
2013-02-07 17:24:47 ----D---- C:\Windows\Tasks
2013-02-07 17:24:47 ----D---- C:\Windows\SYSWOW64\wbem
2013-02-07 17:24:47 ----D---- C:\Windows\system32\wfp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0604010.00E\SYMDS64.SYS [2011-08-15 451192]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [2012-05-22 1129120]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-01-16 1388120]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [2012-06-07 167072]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-02-07 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130226.002\IDSvia64.sys [2013-02-06 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [2012-07-06 37536]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2011-11-23 43640]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [2011-11-16 190072]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [2011-11-16 405624]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-05 7884288]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-05 285696]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-05 2637824]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2011-03-04 20592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-02-07 138912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130227.003\ENG64.SYS [2013-02-07 126192]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130227.003\EX64.SYS [2013-02-07 2087664]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [2012-07-06 737952]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-02-07 175736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2010-04-07 214248]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-05-13 59704]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-07 232992]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-05 203264]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-27 1811456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [2012-06-16 138272]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: please check

Posted: 05 Mar 2013 20:29
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
C:\Program Files (x86)\Skype\Toolbars

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: please check

Posted: 05 Mar 2013 21:22
by josebor
Good evening, here is the new log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Josef at 2013-03-05 21:17:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 77 GB (70%) free of 110 GB
Total RAM: 3955 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:56, on 5.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\trend micro\Josef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Bob\Desktop\OTM.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1912636707-3705121007-1248075270-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Bob')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - S-1-5-21-1912636707-3705121007-1248075270-1001 Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Bob')
O4 - S-1-5-21-1912636707-3705121007-1248075270-1001 User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Bob')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12103 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26988928
\??\C:\Windows\system32\conhost.exe "5148255-479648636-6797700332101667332914643200805670183-19898147771242406879
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2068
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe" /c /a /s UserSession2
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d91fc939-0394-4512-9708-27d33219920b -SystemEventPortName:HostProcess-9938ab6f-b152-4ca5-8bfe-5f2f74f03f5e -IoCancelEventPortName:HostProcess-7bbc517c-6e25-4895-9a71-0dc065b2e4b1 -NonStateChangingEventPortName:HostProcess-524c0080-389c-4aa5-b589-a97a0f8ede6d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7d2e3561-78b1-4313-afac-5f2bcebb2864 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
taskeng.exe {BD46E976-C605-4B65-851A-947AFE239337}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"F:\UTILITY\RSIT\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\7dug1h6c.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
prefs.js - "extensions.enabledItems" - "{BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 1, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll [2013-02-01 512408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL [2012-06-21 210400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll [2013-02-01 512408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-07-28 2120808]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\Bob\Desktop\OTM.exe [2013-03-05 522240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-05 21:15:16 ----D---- C:\_OTM
2013-02-27 16:57:22 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 16:57:22 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 16:57:22 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 16:57:22 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 16:57:20 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 16:57:20 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 16:57:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 16:57:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 16:57:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 16:57:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 16:57:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 16:57:18 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 16:57:17 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 16:57:17 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 16:57:11 ----A---- C:\Windows\system32\ieframe.dll
2013-02-27 16:57:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-27 16:57:08 ----A---- C:\Windows\system32\mshtml.dll
2013-02-27 16:57:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-27 16:57:05 ----A---- C:\Windows\system32\wininet.dll
2013-02-27 16:57:05 ----A---- C:\Windows\system32\iertutil.dll
2013-02-27 16:57:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-27 16:57:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-27 16:57:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-27 16:57:04 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-27 16:57:03 ----A---- C:\Windows\system32\urlmon.dll
2013-02-27 16:57:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-27 16:56:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\url.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-27 16:56:59 ----A---- C:\Windows\system32\ieui.dll
2013-02-27 16:56:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-27 16:56:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-27 16:56:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-27 16:56:42 ----A---- C:\Windows\system32\win32k.sys
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-27 16:56:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-27 16:56:41 ----A---- C:\Windows\system32\winsrv.dll
2013-02-27 16:56:40 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-27 16:56:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-27 16:56:39 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-18 18:30:48 ----RA---- C:\Windows\system32\drivers\SymIMV.sys
2013-02-08 15:32:01 ----A---- C:\Windows\system32\Wdfres.dll
2013-02-08 15:32:01 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-02-08 15:32:01 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-02-07 19:51:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-02-07 19:51:25 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-02-07 19:51:25 ----A---- C:\Windows\system32\atmlib.dll
2013-02-07 19:51:25 ----A---- C:\Windows\system32\atmfd.dll
2013-02-07 19:51:06 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-02-07 19:51:06 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-02-07 19:51:06 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-02-07 19:51:06 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-02-07 19:51:05 ----A---- C:\Windows\system32\WUDFx.dll
2013-02-07 19:51:05 ----A---- C:\Windows\system32\WUDFHost.exe
2013-02-07 19:51:05 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-02-07 19:49:13 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-02-07 19:49:13 ----A---- C:\Windows\system32\win32spl.dll
2013-02-07 19:49:06 ----A---- C:\Windows\system32\Wpc.dll
2013-02-07 19:49:05 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-02-07 19:49:05 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-02-07 19:49:05 ----A---- C:\Windows\system32\gameux.dll
2013-02-07 19:48:51 ----A---- C:\Windows\system32\shell32.dll
2013-02-07 19:48:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-02-07 19:48:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-02-07 19:48:37 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-02-07 19:48:37 ----A---- C:\Windows\system32\tzres.dll
2013-02-07 19:48:15 ----A---- C:\Windows\system32\schannel.dll
2013-02-07 19:48:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-02-07 19:48:15 ----A---- C:\Windows\system32\drivers\cng.sys
2013-02-07 19:48:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-02-07 19:48:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-02-07 19:48:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-02-07 19:48:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-02-07 19:48:13 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-02-07 19:48:13 ----A---- C:\Windows\system32\kerberos.dll
2013-02-07 19:48:12 ----A---- C:\Windows\system32\vbscript.dll
2013-02-07 19:48:12 ----A---- C:\Windows\system32\jscript.dll
2013-02-07 19:48:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-07 19:48:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-07 19:48:11 ----A---- C:\Windows\system32\msi.dll
2013-02-07 19:48:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2013-02-07 19:48:10 ----A---- C:\Windows\system32\taskhost.exe
2013-02-07 19:48:09 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-02-07 19:48:09 ----A---- C:\Windows\system32\synceng.dll
2013-02-07 19:48:09 ----A---- C:\Windows\system32\dpnet.dll
2013-02-07 19:48:08 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-02-07 19:47:55 ----A---- C:\Windows\system32\profsvc.dll
2013-02-07 19:47:49 ----A---- C:\Windows\system32\KernelBase.dll
2013-02-07 19:47:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-02-07 19:47:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-02-07 19:47:48 ----A---- C:\Windows\system32\kernel32.dll
2013-02-07 19:47:48 ----A---- C:\Windows\system32\conhost.exe
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-07 19:47:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\wow64win.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\wow64cpu.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\wow64.dll
2013-02-07 19:47:47 ----A---- C:\Windows\system32\ntvdm64.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-02-07 19:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-07 19:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-02-07 19:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-02-07 19:47:36 ----A---- C:\Windows\system32\msxml6.dll
2013-02-07 19:47:36 ----A---- C:\Windows\system32\msxml3.dll
2013-02-07 19:47:35 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-02-07 19:47:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-02-07 19:47:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-02-07 19:47:35 ----A---- C:\Windows\system32\msxml3r.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\nlasvc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\nlaapi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\netevent.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\netcorehc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\ncsi.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-02-07 19:47:34 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-02-07 19:47:34 ----A---- C:\Windows\system32\drivers\netio.sys
2013-02-07 19:47:27 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-02-07 19:47:27 ----A---- C:\Windows\system32\cdosys.dll
2013-02-07 19:47:21 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-02-07 19:47:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-02-07 19:47:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-02-07 19:47:19 ----A---- C:\Windows\system32\srcore.dll
2013-02-07 19:47:19 ----A---- C:\Windows\system32\ncrypt.dll
2013-02-07 19:47:19 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-02-07 19:47:19 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-02-07 19:47:18 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-02-07 19:47:18 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-02-07 19:47:18 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-02-07 19:47:18 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-02-07 19:47:16 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-02-07 19:47:16 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\netapi32.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\localspl.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\browser.dll
2013-02-07 19:47:16 ----A---- C:\Windows\system32\browcli.dll
2013-02-07 19:47:15 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-02-07 19:47:15 ----A---- C:\Windows\system32\usp10.dll
2013-02-07 19:47:14 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-02-07 19:47:14 ----A---- C:\Windows\system32\wintrust.dll
2013-02-07 19:47:14 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-02-07 19:47:14 ----A---- C:\Windows\system32\rdpwsx.dll
2013-02-07 19:47:14 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-02-07 19:47:13 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-02-07 19:44:49 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-02-07 19:44:49 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-02-07 19:44:49 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-02-07 19:44:49 ----A---- C:\Windows\system32\cryptsvc.dll
2013-02-07 19:44:49 ----A---- C:\Windows\system32\cryptnet.dll
2013-02-07 19:44:49 ----A---- C:\Windows\system32\crypt32.dll
2013-02-07 19:42:10 ----A---- C:\Windows\system32\spoolsv.exe
2013-02-07 19:42:10 ----A---- C:\Windows\splwow64.exe
2013-02-07 17:48:35 ----D---- C:\Windows\system32\drivers\N360x64
2013-02-07 17:48:19 ----D---- C:\Program Files (x86)\Norton 360
2013-02-07 17:29:14 ----A---- C:\Windows\system32\wups2.dll
2013-02-07 17:29:14 ----A---- C:\Windows\system32\wuauclt.exe
2013-02-07 17:29:13 ----A---- C:\Windows\system32\wucltux.dll
2013-02-07 17:29:13 ----A---- C:\Windows\system32\wuaueng.dll
2013-02-07 17:29:10 ----A---- C:\Windows\system32\wups.dll
2013-02-07 17:29:10 ----A---- C:\Windows\system32\wudriver.dll
2013-02-07 17:29:10 ----A---- C:\Windows\system32\wuapi.dll
2013-02-07 17:29:06 ----A---- C:\Windows\system32\wuwebv.dll
2013-02-07 17:29:06 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2013-03-05 21:17:55 ----D---- C:\Program Files\trend micro
2013-03-05 21:16:44 ----A---- C:\Windows\SYSWOW64\log.txt
2013-03-05 21:15:50 ----SHD---- C:\System Volume Information
2013-03-05 21:15:27 ----D---- C:\Windows\Temp
2013-03-05 21:15:27 ----D---- C:\Windows
2013-03-05 21:15:17 ----RD---- C:\Program Files (x86)\Skype
2013-03-05 19:56:25 ----D---- C:\Windows\system32\config
2013-02-27 17:37:13 ----D---- C:\Windows\winsxs
2013-02-27 17:35:36 ----D---- C:\Windows\SysWOW64
2013-02-27 17:35:36 ----D---- C:\Windows\System32
2013-02-27 17:30:50 ----D---- C:\Windows\Microsoft.NET
2013-02-27 17:30:49 ----RSD---- C:\Windows\assembly
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\migration
2013-02-27 17:06:04 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-27 17:06:04 ----D---- C:\Windows\system32\migration
2013-02-27 17:06:04 ----D---- C:\Windows\system32\drivers
2013-02-27 17:06:04 ----D---- C:\Windows\AppPatch
2013-02-27 17:06:04 ----D---- C:\Program Files\Internet Explorer
2013-02-27 17:06:04 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-27 17:06:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-02-27 17:06:02 ----D---- C:\Windows\SYSWOW64\en-US
2013-02-27 17:06:02 ----D---- C:\Windows\system32\zh-TW
2013-02-27 17:06:02 ----D---- C:\Windows\system32\zh-HK
2013-02-27 17:06:02 ----D---- C:\Windows\system32\zh-CN
2013-02-27 17:06:02 ----D---- C:\Windows\system32\tr-TR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\sv-SE
2013-02-27 17:06:02 ----D---- C:\Windows\system32\ru-RU
2013-02-27 17:06:02 ----D---- C:\Windows\system32\pt-PT
2013-02-27 17:06:02 ----D---- C:\Windows\system32\pt-BR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\pl-PL
2013-02-27 17:06:02 ----D---- C:\Windows\system32\nl-NL
2013-02-27 17:06:02 ----D---- C:\Windows\system32\nb-NO
2013-02-27 17:06:02 ----D---- C:\Windows\system32\ko-KR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\ja-JP
2013-02-27 17:06:02 ----D---- C:\Windows\system32\it-IT
2013-02-27 17:06:02 ----D---- C:\Windows\system32\hu-HU
2013-02-27 17:06:02 ----D---- C:\Windows\system32\fr-FR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\fi-FI
2013-02-27 17:06:02 ----D---- C:\Windows\system32\es-ES
2013-02-27 17:06:02 ----D---- C:\Windows\system32\el-GR
2013-02-27 17:06:02 ----D---- C:\Windows\system32\de-DE
2013-02-27 17:06:02 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 17:06:01 ----D---- C:\Windows\system32\en-US
2013-02-27 17:06:01 ----D---- C:\Windows\system32\da-DK
2013-02-27 17:01:52 ----A---- C:\Windows\system32\MRT.exe
2013-02-27 17:01:47 ----SHD---- C:\Windows\Installer
2013-02-27 17:01:46 ----HD---- C:\Config.Msi
2013-02-27 17:00:20 ----D---- C:\Windows\inf
2013-02-27 17:00:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-27 16:58:02 ----D---- C:\Windows\system32\catroot
2013-02-27 16:58:00 ----D---- C:\Windows\system32\catroot2
2013-02-26 20:08:37 ----D---- C:\ProgramData\Adobe
2013-02-26 19:54:13 ----D---- C:\Windows\system32\NDF
2013-02-18 19:51:58 ----D---- C:\Windows\Prefetch
2013-02-18 18:30:45 ----D---- C:\Windows\system32\DriverStore
2013-02-08 15:46:01 ----D---- C:\Windows\system32\wbem
2013-02-08 15:46:01 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-02-07 21:15:22 ----RSD---- C:\Windows\Fonts
2013-02-07 20:42:47 ----D---- C:\Windows\rescache
2013-02-07 18:23:27 ----D---- C:\Windows\system32\drivers\etc
2013-02-07 18:23:26 ----D---- C:\Windows\system32\drivers\UMDF
2013-02-07 18:23:19 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-07 18:23:18 ----D---- C:\Windows\system32\CodeIntegrity
2013-02-07 18:23:04 ----D---- C:\Windows\AppCompat
2013-02-07 18:23:03 ----D---- C:\Users\Josef\AppData\Roaming\GHISLER
2013-02-07 18:23:00 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-07 18:23:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-07 18:22:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-07 18:22:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-07 18:21:29 ----D---- C:\Windows\registration
2013-02-07 18:14:27 ----D---- C:\Windows\system32\Tasks
2013-02-07 18:05:29 ----RD---- C:\Program Files
2013-02-07 18:05:29 ----D---- C:\ProgramData\Malwarebytes
2013-02-07 18:05:24 ----D---- C:\Program Files\Common Files
2013-02-07 18:05:18 ----D---- C:\Program Files (x86)\NortonInstaller
2013-02-07 17:50:32 ----D---- C:\Program Files\Symantec
2013-02-07 17:48:19 ----RD---- C:\Program Files (x86)
2013-02-07 17:48:19 ----D---- C:\ProgramData\Norton
2013-02-07 17:24:47 ----D---- C:\Windows\Tasks
2013-02-07 17:24:47 ----D---- C:\Windows\SYSWOW64\wbem
2013-02-07 17:24:47 ----D---- C:\Windows\system32\wfp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0604010.00E\SYMDS64.SYS [2011-08-15 451192]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [2012-05-22 1129120]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-01-16 1388120]
R1 ccSet_N360;Norton 360 Settings Manager; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [2012-06-07 167072]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-02-07 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130301.002\IDSvia64.sys [2013-02-06 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [2012-07-06 37536]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2011-11-23 43640]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [2011-11-16 190072]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [2011-11-16 405624]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-05 7884288]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-05 285696]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-05 2637824]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2011-03-04 20592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-02-07 138912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-07 232992]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-02-07 175736]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2010-04-07 214248]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-05-13 59704]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130305.005\ENG64.SYS [2013-02-07 126192]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130305.005\EX64.SYS [2013-02-07 2087664]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [2012-07-06 737952]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-05 203264]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-27 1811456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [2012-06-16 138272]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
S2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------