Page 1 of 2

Preventive check after threat removal

Posted: 21 Dec 2013 16:42 by Skydiver
Hello,

Today I used MBAM to remove 2 detected objects, specifically pup.optional.freemium.a. Could you please check the log so I can be sure the system is clean?

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-12-21 16:34:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 399 GB (84%) free of 477 GB
Total RAM: 5999 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:28, on 21.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Switcher\Switcher.exe
C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-932695774-3214950849-2861870083-1003\..\Run: [Switcher] "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet (User 'Honza')
O4 - S-1-5-21-932695774-3214950849-2861870083-1003 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (User 'Honza')
O4 - S-1-5-21-932695774-3214950849-2861870083-1003 User Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (User 'Honza')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11080 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 30127328
\??\C:\Windows\system32\conhost.exe "30648423993618670-122749006917672181201338646746-212274003614037842941559341076
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
"C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /c /a /s UserSession
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4576.11374200.1277716191 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4576 "\\.\pipe\gecko-crash-server-pipe.4576" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash5848.5F75B990.4855 --host-broker-channel=Flash5848.5F75B990.15765 --host-pid=5848 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=2356.003CF3DC.950353080 --proxy-stub-channel=Flash5848.5F75B990.4855 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Honza\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z71tz2mp.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-09-08 489472]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-09-12 334240]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-16 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll [2013-04-04 1127496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-21 13:11:10 ----D---- C:\rsit
2013-12-21 13:11:10 ----D---- C:\Program Files\trend micro
2013-12-12 17:47:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-11 18:38:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-12-11 15:16:14 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-11 15:16:14 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-11 15:16:14 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 15:16:13 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 15:15:11 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 15:15:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 15:15:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-11 15:15:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-11 15:15:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-11 15:15:10 ----A---- C:\Windows\system32\iesetup.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\iernonce.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-11 15:15:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-11 15:15:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-11 15:15:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-11 15:15:09 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-11 15:15:09 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 15:15:09 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-11 15:15:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-11 15:15:08 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 15:15:08 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 15:15:08 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 15:15:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-11 15:15:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-11 15:15:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-11 15:15:06 ----A---- C:\Windows\system32\jscript9.dll
2013-12-11 14:55:59 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-11 14:55:59 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 14:55:32 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 14:55:04 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-11 14:55:04 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-11 14:54:37 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-11 14:54:37 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 14:54:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-11 14:54:11 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 14:53:43 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 14:53:43 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 14:53:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 14:53:16 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 14:53:16 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 14:53:16 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 14:53:16 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 14:53:16 ----A---- C:\Windows\system32\cscript.exe

======List of files/folders modified in the last 1 month======

2013-12-21 15:57:36 ----D---- C:\Windows\Temp
2013-12-21 15:56:56 ----D---- C:\Windows\Prefetch
2013-12-21 15:28:15 ----D---- C:\Program Files (x86)\Switcher
2013-12-21 15:21:14 ----D---- C:\Windows\System32
2013-12-21 15:21:14 ----D---- C:\Windows\inf
2013-12-21 15:21:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-21 13:11:10 ----RD---- C:\Program Files
2013-12-21 12:03:24 ----D---- C:\Windows\system32\config
2013-12-21 11:51:54 ----SHD---- C:\System Volume Information
2013-12-21 11:49:47 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-15 09:38:35 ----D---- C:\Windows\system32\catroot2
2013-12-14 16:55:49 ----D---- C:\Windows\rescache
2013-12-12 21:18:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 17:47:47 ----RD---- C:\Program Files (x86)
2013-12-12 17:06:26 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-11 18:38:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 18:38:17 ----D---- C:\Windows\SysWOW64
2013-12-11 15:28:03 ----D---- C:\Windows\winsxs
2013-12-11 15:26:36 ----D---- C:\Program Files\Windows Media Player
2013-12-11 15:26:36 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-11 15:26:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-11 15:26:35 ----D---- C:\Windows\system32\cs-CZ
2013-12-11 15:26:35 ----D---- C:\Program Files\Internet Explorer
2013-12-11 15:26:34 ----D---- C:\Windows\system32\DriverStore
2013-12-11 15:26:34 ----D---- C:\Windows\system32\drivers
2013-12-11 15:16:21 ----D---- C:\Windows\system32\catroot
2013-12-11 15:16:04 ----SHD---- C:\Windows\Installer
2013-12-11 15:16:03 ----D---- C:\ProgramData\Microsoft Help
2013-12-11 15:14:45 ----D---- C:\Windows\system32\MRT
2013-12-11 15:11:11 ----A---- C:\Windows\system32\MRT.exe
2013-12-01 12:39:39 ----D---- C:\ProgramData\Skype
2013-12-01 12:39:34 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-03-22 678384]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-03-22 28656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [2013-09-26 162392]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131220.001\IDSvia64.sys [2013-12-13 521944]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [2013-09-26 590936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-16 6862848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-16 264192]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2011-03-16 125456]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-07-25 3063360]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131220.008\ENG64.SYS [2013-10-31 126040]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131220.008\EX64.SYS [2013-10-31 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2011-07-05 8204904]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [2013-09-27 858200]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-10-26 177752]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-16 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-09-06 197536]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-09-12 523680]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-09-06 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe [2011-02-24 25832]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-25 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
S4 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-18 2045232]

-----------------EOF-----------------

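A caveat worth checking on the logs above before reading anything into the "(file missing)" tags: the RSIT service list in this post shows C:\Windows\system32\Hpservice.exe with a date and a size, while the HijackThis section of the same output (the O23 lines) reports that very path as "(file missing)", as it does for alg.exe, lsass.exe and the other native 64-bit system binaries. HijackThis 2.0.4 is a 32-bit program; under WOW64 its view of C:\Windows\system32 is redirected to SysWOW64, so "(file missing)" on a system32 path is a blind spot of the tool, not evidence that the file is gone (C:\Windows\Sysnative is the alias a 32-bit process can use to see the real directory). The Python below is an added example written for this thread, not RSIT's or HijackThis's own code: it parses both sections and classifies each "(file missing)" claim by whether RSIT saw the file, whether the path is under system32, or neither. Its input is a handful of lines copied from the logs in this thread plus one constructed line (ExampleSvc, a made-up service) so that the "investigate" branch is exercised.

```python
"""Cross-check HijackThis O23 '(file missing)' claims against the RSIT service
list from the same machine.  Added example for this thread, not RSIT/HJT code."""
import re
from typing import Dict, List, NamedTuple

# Lines copied from the logs posted in this thread, plus one constructed line
# (ExampleSvc, a made-up service) so that the 'investigate' branch is exercised.
HJT_O23 = r"""
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: Example Updater (ExampleSvc) - Unknown owner - C:\Users\Admin\AppData\Roaming\ExampleSvc\svc.exe (file missing)
"""

RSIT_SERVICES = r"""
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-16 203264]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe [2011-02-24 25832]
"""


class HjtService(NamedTuple):
    name: str          # short service name, or the display name when HJT printed none
    display: str
    owner: str         # company string HJT extracted, or 'Unknown owner'
    path: str
    file_missing: bool


class RsitService(NamedTuple):
    name: str
    state: str         # R = running, S = stopped
    start: int         # 0 boot, 1 system, 2 auto, 3 demand, 4 disabled
    path: str
    size: int          # bytes, as RSIT printed it (it stat()ed the file itself)


# The binary path is the last ' - X:\...' segment; it may be followed by the tag.
PATH_RE = re.compile(r" - (?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$")
# HJT puts the short name in parentheses at the end of the display name.
NAME_RE = re.compile(r"\((?P<name>[^()\s]+)\)$")
RSIT_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$"
)


def parse_hjt_o23(text: str) -> List[HjtService]:
    """Parse 'O23 - Service:' lines; display names may themselves contain ' - '."""
    out = []
    for line in text.splitlines():
        if not line.startswith("O23 - Service: "):
            continue
        body = line[len("O23 - Service: "):]
        m = PATH_RE.search(body)          # anchor on the drive-letter path first
        if not m:
            continue
        head = body[:m.start()]
        display, _, owner = head.rpartition(" - ")
        if not display:                    # no owner segment at all
            display, owner = owner, ""
        nm = NAME_RE.search(display)
        name = nm.group("name") if nm else display
        out.append(HjtService(name, display, owner, m.group("path"), bool(m.group("missing"))))
    return out


def parse_rsit_services(text: str) -> List[RsitService]:
    out = []
    for line in text.splitlines():
        m = RSIT_RE.match(line.strip())
        if m:
            out.append(RsitService(m.group("name"), m.group("state"), int(m.group("start")),
                                   m.group("path"), int(m.group("size"))))
    return out


def _norm(p: str) -> str:
    return p.replace("/", "\\").lower()


def _under_system32(p: str) -> bool:
    return "\\windows\\system32\\" in _norm(p)


def triage_missing(hjt: List[HjtService], rsit: List[RsitService]) -> Dict[str, str]:
    """Verdict per HJT service tagged '(file missing)':
    present-per-rsit     RSIT listed the same binary with a size, so 32-bit HJT just could not see it
    system32-unverified  path under Windows\\system32, the WOW64 redirection blind spot; confirm via Sysnative
    investigate          neither tool accounts for the file: look at the service manually"""
    by_path = {_norm(r.path): r for r in rsit if r.size > 0}
    verdicts: Dict[str, str] = {}
    for s in hjt:
        if not s.file_missing:
            continue
        if _norm(s.path) in by_path:
            verdicts[s.name] = "present-per-rsit"
        elif _under_system32(s.path):
            verdicts[s.name] = "system32-unverified"
        else:
            verdicts[s.name] = "investigate"
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage_missing(parse_hjt_o23(HJT_O23),
                                        parse_rsit_services(RSIT_SERVICES)).items():
        print(f"{verdict:20} {name}")
```

On the real logs every "(file missing)" service lands in the first two buckets; only a missing binary outside system32 that RSIT also cannot account for (the constructed ExampleSvc line, living under a user-writable AppData path) deserves a closer look.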
Re: Preventive check after threat removal

Posted: 22 Dec 2013 08:14
by Márty84
Hi :)

:???: Was that a full scan, or just a quick one?

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and left-click Run as administrator.
Click Scan and the program starts working.
When it finishes it spits out a log (if not, you will find it at C:\AdwCleaner\AdwCleaner[R?].txt); copy it here for me.

Re: Preventive check after threat removal

Posted: 22 Dec 2013 10:31
by Skydiver
Thank you :-). Honestly I am not sure whether it was a quick or a full scan, so I had better describe what I did. I downloaded RSIT, ran it, accepted the terms and kept the default settings (log for 1 month).

Anyway, AdwCleaner generated this:

# AdwCleaner v3.015 - Report created 22/12/2013 at 10:16:59
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Users\Admin\AppData\Local\PackageAware

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z71tz2mp.default\prefs.js ]


[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\1mn6ttxd.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1227 octets] - [22/12/2013 10:16:59]

########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [1287 octets] ##########

Re: Preventive check after threat removal

Posted: 22 Dec 2013 11:19
by Márty84
Skydiver wrote: Honestly I am not sure whether it was a quick or a full scan...
I meant the MBAM scan, whether it was a full scan or just a quick one :)


:arrow: Close all programs again and run AdwCleaner as administrator.
This time click Clean.
The program starts working (the PC may restart) and spits out another log (otherwise it will be at C:\AdwCleaner\AdwCleaner[S?].txt). Copy that one here for me again.

Re: Preventive check after threat removal

Posted: 22 Dec 2013 11:25
by Skydiver
The MBAM scan was a full one :-).

Here is the log:

# AdwCleaner v3.015 - Report created 22/12/2013 at 11:23:57
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Users\Admin\AppData\Local\PackageAware

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z71tz2mp.default\prefs.js ]


[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\1mn6ttxd.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1377 octets] - [22/12/2013 10:16:59]
AdwCleaner[R1].txt - [1437 octets] - [22/12/2013 10:46:57]
AdwCleaner[R2].txt - [1347 octets] - [22/12/2013 11:23:57]

########## EOF - \AdwCleaner\AdwCleaner[R2].txt - [1407 octets] ##########

Re: Preventive check after threat removal

Posted: 22 Dec 2013 11:28
by Márty84
And if it is still on the PC, uninstall MBAM so it does not get in the way.


That is not the right log. That is just a scan again.

Re: Preventive check after threat removal

Posted: 22 Dec 2013 11:42
by Skydiver
Sorry, I am just off a night shift and mixed it up :-).

# AdwCleaner v3.015 - Report created 22/12/2013 at 11:29:44
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Admin\AppData\Local\PackageAware

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z71tz2mp.default\prefs.js ]


[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\1mn6ttxd.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1377 octets] - [22/12/2013 10:16:59]
AdwCleaner[R1].txt - [1437 octets] - [22/12/2013 10:46:57]
AdwCleaner[R2].txt - [1497 octets] - [22/12/2013 11:23:57]
AdwCleaner[S0].txt - [1387 octets] - [22/12/2013 11:29:44]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [1447 octets] ##########

Sorry, but unfortunately I have to leave again; is it OK if I post here again in the evening?
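Two things in this exchange can be checked mechanically from the reports rather than by eye: whether the log posted is really the Clean pass (the mix-up above was a Scan report posted where the Clean report was wanted), and whether everything the Scan found actually shows up as deleted. The Python below is an added example written for this thread, not AdwCleaner's own code or anything posted by the participants; its sample input is a trimmed copy of the [R2] scan and [S0] clean reports above. It makes one assumption about Windows: HKCU\Software (outside \Classes) is not subject to WOW64 registry redirection, so the native and [x64] lines for HKCU\Software\APN PIP name a single key, which is why the scan lists seven keys found but the clean report only six deleted. HKLM\SOFTWARE is redirected, so there the two views are kept apart.

```python
"""Check an AdwCleaner run: was it a Clean pass, and was everything the Scan
found actually removed?  Added example for this thread; not AdwCleaner code."""
import re
from typing import Dict, List, NamedTuple, Optional

# Trimmed copies of the [R2] scan and [S0] clean reports posted above.
SCAN_REPORT = r"""
# AdwCleaner v3.015 - Report created 22/12/2013 at 11:23:57
# Option : Scan

***** [ Files / Folders ] *****

Folder Found C:\Users\Admin\AppData\Local\PackageAware

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
"""

CLEAN_REPORT = r"""
# AdwCleaner v3.015 - Report created 22/12/2013 at 11:29:44
# Option : Clean

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Admin\AppData\Local\PackageAware

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\Software\PIP
"""


class Item(NamedTuple):
    kind: str      # Folder, File, Key, Value, ...
    view: str      # "x64" when AdwCleaner tagged the line [x64], else "native"
    target: str    # path or registry key, as printed


# 'Folder Found C:\...' has no colon, 'Key Found : ...' does; accept both.
ITEM_RE = re.compile(
    r"^(?P<kind>Folder|File|Key|Value|Service|Shortcut)\s+"
    r"(?P<action>Found|Deleted)\s*:?\s*(?P<target>.+?)\s*$"
)
OPTION_RE = re.compile(r"^#\s*Option\s*:\s*(?P<option>\w+)", re.MULTILINE)


def report_option(text: str) -> Optional[str]:
    """'Scan' or 'Clean' from the report header, None if the header is absent."""
    m = OPTION_RE.search(text)
    return m.group("option") if m else None


def parse_items(text: str) -> Dict[str, List[Item]]:
    """Every Found/Deleted line, grouped by action, with the [x64] tag split off."""
    out: Dict[str, List[Item]] = {"Found": [], "Deleted": []}
    for line in text.splitlines():
        m = ITEM_RE.match(line.strip())
        if not m:
            continue
        target = m.group("target")
        view = "native"
        if target.startswith("[x64] "):
            view, target = "x64", target[len("[x64] "):]
        out[m.group("action")].append(Item(m.group("kind"), view, target))
    return out


def same_key_both_views(key: str) -> bool:
    # Assumption stated in the lead-in: HKCU\Software (outside \Classes) is not
    # WOW64-redirected, so its native and [x64] lines refer to one physical key.
    k = key.upper()
    return k.startswith("HKCU\\SOFTWARE\\") and not k.startswith("HKCU\\SOFTWARE\\CLASSES\\")


def not_confirmed_removed(scan_text: str, clean_text: str) -> List[Item]:
    """Items the Scan found that the Clean report does not show as deleted."""
    found = parse_items(scan_text)["Found"]
    deleted = parse_items(clean_text)["Deleted"]
    deleted_exact = {(i.kind, i.view, i.target.upper()) for i in deleted}
    deleted_any_view = {(i.kind, i.target.upper()) for i in deleted}
    leftovers = []
    for item in found:
        if (item.kind, item.view, item.target.upper()) in deleted_exact:
            continue
        if (item.kind == "Key" and same_key_both_views(item.target)
                and (item.kind, item.target.upper()) in deleted_any_view):
            continue
        leftovers.append(item)
    return leftovers


if __name__ == "__main__":
    print("second report is a Clean pass:", report_option(CLEAN_REPORT) == "Clean")
    for it in not_confirmed_removed(SCAN_REPORT, CLEAN_REPORT):
        print("not confirmed removed:", it)
```

Run against the two reports above the leftover list is empty; drop one of the [x64] HKLM deletions from the clean report and that key is reported, because under HKLM the 32-bit and 64-bit views really are separate keys.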

Re: Preventivní kontrola po odstranění hrozby

Napsal: 22 pro 2013 12:22
od Márty84
Skydiver píše:Omlouvám se, jsem po noční a popletl jsem to :-).
Neni proc se omlouvat, mi se to stava i po volnu :D

Skydiver píše:Omlouvám se ale musím bohužel znovu odejít, nebude vadit, když sem znovu napíšu až večer?
Samozrejme ze to nevadi, taky nejsem u pc porad. Resim ted spoustu veci, ale budu sem prubezne koukat. Nejdele vsak do 8, pak jdu spat, protoze ve 2 rano vstavam do prace. Takze budem pripadne pokracovat zitra :)



:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Re: Preventive check after threat removal

Posted: 22 Dec 2013 16:36
by Skydiver
OK :-). Here is the next log:

Just one more thing: Firefox now shows Mozilla's default home page every time it starts and asks whether I want to make it the default browser, even though I untick the option so that it stops asking.

RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Kontrola -- Datum : 12/22/2013 16:18:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x][7][x]) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Honza][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk : C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BPKT-00PK4T0 +++++
--- User ---
[MBR] 310f47016c6794c228a4eff7c241311d
[BSP] b3318ff64685e17aa9ef09cde7864754 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_12222013_161855.txt >>

Re: Preventive check after threat removal

Posted: 22 Dec 2013 17:51
by Márty84
Were you logged in with an account that has administrator rights? Try right-clicking its icon and left-clicking Run as administrator; then it might remember the setting.


:arrow: Run RogueKiller as administrator again (if you have not closed it yet, click Delete (Smazat) straight away).
A short pre-scan runs and then the Scan (Prohledat) button at the top right becomes available. Click it and another scan runs.
When it finishes, click Delete (Smazat).
Then click Report (Zpráva) and a log appears. Paste it here for me.
Then click the HOSTS fix (Oprava Host) and Report (Zpráva).
Another log appears. Paste that one here for me too.

Re: Preventive check after threat removal

Posted: 22 Dec 2013 18:13
by Skydiver
So, the log after deleting the items found in the previous scan :-)..

RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Kontrola -- Datum : 12/22/2013 18:13:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BPKT-00PK4T0 +++++
--- User ---
[MBR] 310f47016c6794c228a4eff7c241311d
[BSP] b3318ff64685e17aa9ef09cde7864754 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_12222013_181301.txt >>
RKreport[0]_D_12222013_181135.txt;RKreport[0]_S_12222013_161855.txt;RKreport[0]_S_12222013_181047.txt

Re: Preventive check after threat removal

Posted: 22 Dec 2013 18:18
by Skydiver
RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Oprava HOSTS -- Datum : 12/22/2013 18:17:43
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_12222013_181743.txt >>
RKreport[0]_D_12222013_181135.txt;RKreport[0]_H_12222013_181403.txt;RKreport[0]_S_12222013_161855.txt
RKreport[0]_S_12222013_181047.txt;RKreport[0]_S_12222013_181301.txt;RKreport[0]_S_12222013_181627.txt

Re: Preventive check after threat removal

Posted: 22 Dec 2013 18:36
by Márty84
Post a new log from RSIT.

Re: Preventive check after threat removal

Posted: 22 Dec 2013 18:44
by Skydiver
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-12-22 18:43:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 399 GB (84%) free of 477 GB
Total RAM: 5999 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:16, on 22.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
C:\Program Files (x86)\Switcher\Switcher.exe
C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-932695774-3214950849-2861870083-1003\..\Run: [Switcher] "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet (User 'Honza')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10114 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24500144
\??\C:\Windows\system32\conhost.exe "1678338290-214737450646907560916541553781482241781955777459-170347500-912733657
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"taskhost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /c /a /s UserSession
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
"C:\Users\Honza\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-932695774-3214950849-2861870083-10039_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-932695774-3214950849-2861870083-10039 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4920 CREDAT:267521 /prefetch:2
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 8192
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Honza\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-09-08 489472]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-09-12 334240]
""= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-16 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-22 18:36:05 ----D---- C:\Users\Admin\AppData\Roaming\Mozilla
2013-12-22 18:35:24 ----D---- C:\Program Files (x86)\VS Revo Group
2013-12-22 16:18:51 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2013-12-22 16:18:51 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2013-12-22 16:18:51 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\winusb.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\winhv.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\wimmount.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\wfplwf.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2013-12-22 16:18:50 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\vwifimp.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\vwififlt.sys.bak
2013-12-22 16:18:49 ----A---- C:\Windows\system32\drivers\vwifibus.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\vmstorfl.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\vms3cap.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\VMBusHID.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\vmbus.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2013-12-22 16:18:48 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\vhdmp.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\vdrvroot.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\usbvideo.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\usbser_lowerfltx64.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\usbser_lowerfltjx64.sys.bak
2013-12-22 16:18:47 ----A---- C:\Windows\system32\drivers\usbser.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbrpm.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2013-12-22 16:18:46 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2013-12-22 16:18:45 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2013-12-22 16:18:44 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2013-12-22 16:18:43 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2013-12-22 16:18:43 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2013-12-22 16:18:43 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2013-12-22 16:18:43 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2013-12-22 16:18:43 ----A---- C:\Windows\system32\drivers\SynTP.sys.bak
2013-12-22 16:18:43 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\stwrt64.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\storvsc.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\storport.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\stexstor.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\sscdwhnt.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\sscdwh.sys.bak
2013-12-22 16:18:42 ----A---- C:\Windows\system32\drivers\sscdmdm.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\sscdmdfl.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\sscdcmnt.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\sscdcm.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\sscdbus.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2013-12-22 16:18:41 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2013-12-22 16:18:40 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2013-12-22 16:18:39 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2013-12-22 16:18:39 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2013-12-22 16:18:39 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2013-12-22 16:18:39 ----A---- C:\Windows\system32\drivers\scfilter.sys.bak
2013-12-22 16:18:38 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2013-12-22 16:18:37 ----A---- C:\Windows\system32\drivers\rtsuvc.sys.bak
2013-12-22 16:18:37 ----A---- C:\Windows\system32\drivers\RtsUStor.sys.bak
2013-12-22 16:18:37 ----A---- C:\Windows\system32\drivers\Rt64win7.sys.bak
2013-12-22 16:18:37 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2013-12-22 16:18:37 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\rfcomm.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\rdyboost.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys.bak
2013-12-22 16:18:36 ----A---- C:\Windows\system32\drivers\RDPREFMP.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\rdpdr.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\rdpbus.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2013-12-22 16:18:35 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2013-12-22 16:18:34 ----A---- C:\Windows\system32\drivers\pcw.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2013-12-22 16:18:33 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\null.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\npf.sys.bak
2013-12-22 16:18:32 ----A---- C:\Windows\system32\drivers\nmwcdnsux64.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\nmwcdnsucx64.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2013-12-22 16:18:31 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\ndiscap.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\MTConfig.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2013-12-22 16:18:30 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\mshidkmdf.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2013-12-22 16:18:29 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2013-12-22 16:18:28 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2013-12-22 16:18:28 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2013-12-22 16:18:28 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2013-12-22 16:18:28 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2013-12-22 16:18:28 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2013-12-22 16:18:28 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\mbam.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2013-12-22 16:18:27 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2013-12-22 16:18:26 ----A---- C:\Windows\system32\drivers\lsi_sas2.sys.bak
2013-12-22 16:18:26 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2013-12-22 16:18:26 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2013-12-22 16:18:26 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2013-12-22 16:18:26 ----A---- C:\Windows\system32\drivers\ksthunk.sys.bak
2013-12-22 16:18:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys.bak
2013-12-22 16:18:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2013-12-22 16:18:25 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2013-12-22 16:18:25 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2013-12-22 16:18:25 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2013-12-22 16:18:25 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2013-12-22 16:18:25 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2013-12-22 16:18:24 ----A---- C:\Windows\system32\drivers\iaStorF.sys.bak
2013-12-22 16:18:23 ----A---- C:\Windows\system32\drivers\iaStorA.sys.bak
2013-12-22 16:18:23 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2013-12-22 16:18:23 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2013-12-22 16:18:22 ----A---- C:\Windows\system32\drivers\hwpolicy.sys.bak
2013-12-22 16:18:22 ----A---- C:\Windows\system32\drivers\http.sys.bak
2013-12-22 16:18:22 ----A---- C:\Windows\system32\drivers\HpSAMD.sys.bak
2013-12-22 16:18:22 ----A---- C:\Windows\system32\drivers\HpqKbFiltr.sys.bak
2013-12-22 16:18:22 ----A---- C:\Windows\system32\drivers\hpdskflt.sys.bak
2013-12-22 16:18:21 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2013-12-22 16:18:21 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2013-12-22 16:18:21 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2013-12-22 16:18:21 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2013-12-22 16:18:21 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2013-12-22 16:18:21 ----A---- C:\Windows\system32\drivers\hidbatt.sys.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\HECIx64.sys.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\HdAudio.sys.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\hcw85cir.sys.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2013-12-22 16:18:20 ----A---- C:\Windows\system32\drivers\fvevol.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\fsdepends.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2013-12-22 16:18:19 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2013-12-22 16:18:18 ----A---- C:\Windows\system32\drivers\evbda.sys.bak
2013-12-22 16:18:18 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\dxgmms1.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\dumpfve.sys.bak
2013-12-22 16:18:17 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\dmvsc.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\discache.sys.bak
2013-12-22 16:18:16 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\csc.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\CompositeBus.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\cng.sys.bak
2013-12-22 16:18:15 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\ccdcmbx64.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\ccdcmbox64.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\bxvbda.sys.bak
2013-12-22 16:18:14 ----A---- C:\Windows\system32\drivers\btwrchid.sys.bak
2013-12-22 16:18:13 ----A---- C:\Windows\system32\drivers\btwl2cap.sys.bak
2013-12-22 16:18:13 ----A---- C:\Windows\system32\drivers\btwavdt.sys.bak
2013-12-22 16:18:13 ----A---- C:\Windows\system32\drivers\btwaudio.sys.bak
2013-12-22 16:18:13 ----A---- C:\Windows\system32\drivers\btwampfl.sys.bak
2013-12-22 16:18:13 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS.bak
2013-12-22 16:18:13 ----A---- C:\Windows\system32\drivers\bthport.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\bthpan.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\bthenum.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2013-12-22 16:18:12 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2013-12-22 16:18:11 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2013-12-22 16:18:11 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2013-12-22 16:18:11 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2013-12-22 16:18:11 ----A---- C:\Windows\system32\drivers\BCMWL664.SYS.bak
2013-12-22 16:18:11 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2013-12-22 16:18:11 ----A---- C:\Windows\system32\drivers\b57nd60a.sys.bak
2013-12-22 16:18:10 ----A---- C:\Windows\system32\drivers\atikmpag.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\atikmdag.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\AtihdW76.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\AtiHdmi.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\appid.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\amdxata.sys.bak
2013-12-22 16:18:09 ----A---- C:\Windows\system32\drivers\amdsbs.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\amdsata.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\amdppm.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\agrsm64.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\agilevpn.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2013-12-22 16:18:08 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\acpipmi.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\Accelerometer.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\1394ohci.sys.bak
2013-12-22 16:18:07 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2013-12-22 10:16:54 ----D---- C:\AdwCleaner
2013-12-21 13:11:10 ----D---- C:\rsit
2013-12-21 13:11:10 ----D---- C:\Program Files\trend micro
2013-12-11 18:38:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-12-11 15:16:14 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-11 15:16:14 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-11 15:16:14 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 15:16:13 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 15:15:11 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 15:15:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 15:15:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-11 15:15:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-11 15:15:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-11 15:15:10 ----A---- C:\Windows\system32\iesetup.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\iernonce.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-11 15:15:10 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-11 15:15:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-11 15:15:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-11 15:15:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-11 15:15:09 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-11 15:15:09 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 15:15:09 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-11 15:15:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-11 15:15:08 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 15:15:08 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 15:15:08 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 15:15:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-11 15:15:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-11 15:15:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-11 15:15:06 ----A---- C:\Windows\system32\jscript9.dll
2013-12-11 14:55:59 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-11 14:55:59 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 14:55:32 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 14:55:04 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-11 14:55:04 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-11 14:54:37 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-11 14:54:37 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 14:54:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-11 14:54:11 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 14:53:43 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 14:53:43 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 14:53:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 14:53:16 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 14:53:16 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 14:53:16 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 14:53:16 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 14:53:16 ----A---- C:\Windows\system32\cscript.exe

======List of files/folders modified in the last 1 month======

2013-12-22 18:38:25 ----D---- C:\Windows\system32\config
2013-12-22 18:37:46 ----RD---- C:\Program Files (x86)
2013-12-22 18:35:18 ----D---- C:\Windows\Temp
2013-12-22 18:29:10 ----D---- C:\Windows\System32
2013-12-22 18:29:10 ----D---- C:\Windows\inf
2013-12-22 18:29:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-22 18:26:46 ----SHD---- C:\System Volume Information
2013-12-22 18:24:47 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-22 18:23:55 ----D---- C:\Windows\Prefetch
2013-12-22 18:16:24 ----D---- C:\Windows\system32\drivers
2013-12-22 17:58:48 ----D---- C:\Program Files (x86)\Switcher
2013-12-21 13:11:10 ----RD---- C:\Program Files
2013-12-15 09:38:35 ----D---- C:\Windows\system32\catroot2
2013-12-14 16:55:49 ----D---- C:\Windows\rescache
2013-12-12 17:06:26 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-11 18:38:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 18:38:17 ----D---- C:\Windows\SysWOW64
2013-12-11 15:28:03 ----D---- C:\Windows\winsxs
2013-12-11 15:26:36 ----D---- C:\Program Files\Windows Media Player
2013-12-11 15:26:36 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-11 15:26:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-11 15:26:35 ----D---- C:\Windows\system32\cs-CZ
2013-12-11 15:26:35 ----D---- C:\Program Files\Internet Explorer
2013-12-11 15:26:34 ----D---- C:\Windows\system32\DriverStore
2013-12-11 15:16:21 ----D---- C:\Windows\system32\catroot
2013-12-11 15:16:04 ----SHD---- C:\Windows\Installer
2013-12-11 15:16:03 ----D---- C:\ProgramData\Microsoft Help
2013-12-11 15:14:45 ----D---- C:\Windows\system32\MRT
2013-12-11 15:11:11 ----A---- C:\Windows\system32\MRT.exe
2013-12-01 12:39:39 ----D---- C:\ProgramData\Skype
2013-12-01 12:39:34 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-03-22 678384]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-03-22 28656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-03 1526488]
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [2013-09-26 162392]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131220.001\IDSvia64.sys [2013-12-13 521944]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [2013-09-26 590936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-16 6862848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-16 264192]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2011-03-16 125456]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-07-25 3063360]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131221.006\ENG64.SYS [2013-10-31 126040]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131221.006\EX64.SYS [2013-10-31 2099288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2011-07-05 8204904]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [2013-09-27 858200]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-10-26 177752]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-16 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-09-06 197536]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-09-12 523680]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-09-06 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Origin Games\Dragon Age\\bin_ship\DAUpdaterSvc.Service.exe [2011-02-24 25832]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-25 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
S4 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-18 2045232]

-----------------EOF-----------------

Re: Preventive check after threat removal

Posted: 22 Dec 2013 19:45
by Márty84
Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and choose Run as administrator.
Tick the boxes for All Users, LOP Check and Purity Check.
Paste the following text into the bottom box:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan.
After the scan finishes, two logs are created (OTL.Txt and Extras.txt); paste both of them here (if they are long, split them across several posts).
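The OTL custom scan above asks for the MD5 of a list of core system files, the ImagePath of the wuauserv and BITS services, the Winlogon GinaDLL value and the contents of the HKCU Run key. The following PowerShell script is an added example, not part of Márty84's post and not OTL's own code: it reproduces those checks with built-in cmdlets and .NET classes only, so it also runs on the Windows 7 / PowerShell 2.0 machine shown in the log. The function names and the "svchost-hosted" test are this example's own assumptions, and the file list is reduced to names found on a typical 64-bit Windows 7 installation.

```powershell
# Added example: reproduces the checks in the OTL custom scan above with built-in
# PowerShell/.NET only, so it also runs on Windows 7 / PowerShell 2.0.
# Not code from the forum post or from OTL; function names are this example's own.

# Subset of the /md5start list that exists on a typical 64-bit Windows 7 install.
$coreFiles = @(
    'atapi.sys', 'autochk.exe', 'cdrom.sys', 'cngaudit.dll', 'cryptsvc.dll',
    'eventlog.dll', 'explorer.exe', 'hal.dll', 'iaStor.sys', 'iastorv.sys',
    'isapnp.sys', 'lsass.exe', 'ndis.sys', 'netlogon.dll', 'nvstor.sys',
    'scecli.dll', 'smss.exe', 'svchost.exe', 'tcpip.sys', 'userinit.exe',
    'winlogon.exe', 'ws2_32.dll'
)

function Get-Md5Hex {
    param([string]$Path)
    # Get-FileHash only exists from PowerShell 4.0 on; the .NET MD5 class works everywhere.
    $md5 = [System.Security.Cryptography.MD5]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try { $bytes = $md5.ComputeHash($stream) } finally { $stream.Close() }
    return ([System.BitConverter]::ToString($bytes)).Replace('-', '')
}

function Get-CoreFileReport {
    # Same directories OTL searches for these names.
    $dirs = @("$env:SystemRoot\System32", "$env:SystemRoot\System32\drivers", "$env:SystemRoot\SysWOW64")
    foreach ($name in $coreFiles) {
        foreach ($dir in $dirs) {
            $path = Join-Path $dir $name
            if (-not (Test-Path -LiteralPath $path)) { continue }
            $item = Get-Item -LiteralPath $path
            New-Object PSObject -Property @{
                Path     = $path
                Size     = $item.Length
                Modified = $item.LastWriteTime
                # A core Windows binary whose CompanyName is not Microsoft has been replaced or patched.
                Company  = $item.VersionInfo.CompanyName
                Version  = $item.VersionInfo.FileVersion
                MD5      = Get-Md5Hex $path
            }
        }
    }
}

function Get-ServiceImagePath {
    param([string]$Name)
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$Name"
    return (Get-ItemProperty -Path $key -Name ImagePath -ErrorAction Stop).ImagePath
}

function Test-SvchostHosted {
    param([string]$Name)
    # Windows Update (wuauserv) and BITS are svchost-hosted on Windows 7;
    # any other executable in ImagePath means the service entry has been tampered with.
    $path = Get-ServiceImagePath $Name
    return [bool]($path -match 'svchost\.exe"?\s+-k\s+netsvcs')
}

function Get-GinaDll {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $props = Get-ItemProperty -Path $key
    # GINA was removed in Windows Vista, so on Windows 7 this value is normally absent;
    # a present value needs an explanation.
    $p = $props.PSObject.Properties['GinaDLL']
    if ($p) { return $p.Value } else { return $null }
}

function Get-RunEntries {
    # HKCU\...\Run is what the post queries; HKLM is listed as well.
    foreach ($hive in 'HKCU', 'HKLM') {
        $key = "${hive}:\Software\Microsoft\Windows\CurrentVersion\Run"
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Skip the provider metadata Get-ItemProperty adds to every result.
            if ($p.Name -match '^PS(Path|ParentPath|ChildName|Drive|Provider)$') { continue }
            New-Object PSObject -Property @{ Hive = $hive; Name = $p.Name; Command = $p.Value }
        }
    }
}

# Run from an elevated PowerShell prompt.
Get-CoreFileReport | Sort-Object Path | Format-Table Path, Size, Modified, Company, MD5 -AutoSize
foreach ($svc in 'wuauserv', 'BITS') {
    "{0} ImagePath: {1}  (svchost-hosted: {2})" -f $svc, (Get-ServiceImagePath $svc), (Test-SvchostHosted $svc)
}
$gina = Get-GinaDll
if ($gina) { "GinaDLL is set: $gina" } else { "GinaDLL: absent (expected on Windows 7)" }
Get-RunEntries | Format-Table Hive, Name, Command -AutoSize
```

Run it from an elevated PowerShell prompt. The anomalies these checks are meant to surface are a core file whose CompanyName is not Microsoft or whose hash differs between the 32-bit and 64-bit copies in an unexpected way, a wuauserv or BITS ImagePath that does not point at svchost.exe, a GinaDLL value on a Windows 7 system where GINA no longer exists, and Run entries launching executables from user-writable locations such as AppData or Temp.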