VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

asr.dat

https://forum.viry.cz:443/viewtopic.php?t=137277

Stránka 1 z 1

asr.dat

Napsal: 05 dub 2014 20:06
od Nallim
Zdravím, proskenoval jsem si PC pomoci Malwarebytes Anti-Malware a objevil tento vir?

Cesta: C:\Users\Public\ASR.dat

Když ho smažu, tak se do pár minut objeví znovu.

Přikládám log z FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Nallim (administrator) on NALLIM-TP on 05-04-2014 19:43:25
Running from C:\Users\Nallim\Desktop
Windows 8.1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SAsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(KARPOLAN) C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe
(Dropbox, Inc.) C:\Users\Nallim\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Nallim\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(QIP) C:\#Nallim\Programy\QIP 2012\qip.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\beta\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\beta\plugin-container.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(forum.viry.cz) C:\Users\Nallim\Downloads\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtsCM] - C:\WINDOWS\RTSCM64.EXE [140872 2013-03-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1064224 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-09-11] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [601080 2013-09-19] (Lenovo Corporation)
HKLM\...\Run: [PasswordManager] - C:\Program Files\Lenovo\Password Manager\password_manager.exe [1574760 2013-10-17] (Lenovo Group Limited)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7830328 2013-05-21] (Motorola Solutions, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [384344 2013-11-29] (Lenovo.)
HKLM\...\Run: [LenovoNal] - C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe [19960 2013-10-18] (Lenovo)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-07-09] (Synaptics Incorporated)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [909016 2013-10-21] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [LenovoOptMouseUpdate] - C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Bonus.SSR.FR11] - C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-13] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AirPort Base Station Agent] - C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [KeyboardLeds.exe] - C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-07-10] (KARPOLAN)
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [TouchFreeze] - C:\Program Files (x86)\TouchFreeze\TouchFreeze.exe [45056 2005-04-29] ()
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [Spotify Web Helper] - C:\Users\Nallim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-13] (Spotify Ltd)
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [ShowBatteryBar] - C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2013-04-11] ()
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [BlueSoleil 8.0.35] - C:\Users\Nallim\AppData\Local\Temp\.exe <===== ATTENTION
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [Zoner Photo Studio Service 16] - C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-03-31] ()
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-03-31] (ZONER software)
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\MountPoints2: {db9e7e23-7f51-11e3-be85-0c8bfd585907} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\MountPoints2: {ffdedcc8-835d-11e3-be93-28d2442eca5b} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2322367244-264633817-2867371408-1004\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\Jaksta\AC\x64\jaudcap.dll => C:\WINDOWS\Jaksta\AC\x64\jaudcap.dll [311584 2013-08-21] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\Jaksta\AC\x86\jaudcap.dll => C:\WINDOWS\Jaksta\AC\x86\jaudcap.dll [264480 2013-08-21] (Jaksta Technologies Pty Ltd)
Startup: C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nallim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar164.lnk
ShortcutTarget: Sidebar164.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{56D33A2D-3C94-4A6D-B6C4-B649AF6A5FFA}: [NameServer]10.0.4.90,10.0.4.94

FireFox:
========
FF ProfilePath: C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default
FF user.js: detected! => C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Pocket - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\isreaditlater@ideashower.com [2013-11-24]
FF Extension: Forecastfox - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-03-25]
FF Extension: Live HTTP Headers - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2014-03-03]
FF Extension: MEGA - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\firefox@mega.co.nz.xpi [2014-03-18]
FF Extension: Last tab close button - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\last-tab-close-button@victor.sacharin.xpi [2013-11-24]
FF Extension: Text Link - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2013-11-24]
FF Extension: Speed Dial - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-11-24]
FF Extension: ReloadEvery - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-11-24]
FF Extension: BBCodeXtra - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}.xpi [2013-11-24]
FF Extension: FXChrome - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi [2013-11-24]
FF Extension: Adblock Plus - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-24]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-03-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2013-11-28]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\beta\firefox.exe

Chrome:
=======
CHR HomePage: about:blank
CHR DefaultSearchKeyword: google
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-28]
CHR Extension: (Disk Google) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-28]
CHR Extension: (YouTube) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-28]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2013-11-28]
CHR Extension: (AdBlock) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-12]
CHR Extension: (Norton Identity Protection) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-18]
CHR Extension: (Hangouts) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-12]
CHR Extension: (Peněženka Google) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-28]
CHR Extension: (Gmail) - C:\Users\Nallim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-18]

==================== Services (Whitelisted) =================

S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573432 2013-09-19] (Lenovo Corporation)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-01-20] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-08-20] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2045432 2013-09-09] (Lenovo Group Limited)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [694776 2013-09-19] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21496 2013-10-18] (Lenovo)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [469496 2013-09-11] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [465912 2013-06-21] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-04-30] (Nitro PDF Software)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-01-28] (Locktime Software)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo Group Limited)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22872 2013-10-28] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [40848 2013-10-28] (Validity Sensors, Inc.)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 jhi_service; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [X]
S2 Util SecretSauce; "C:\Program Files (x86)\SecretSauce\bin\utilSecretSauce.exe" [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 appliand; C:\Windows\system32\DRIVERS\appliand.sys [30304 2013-02-06] (Applian Technologies Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-01] (Motorola Solutions, Inc.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-29] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-18] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2013-08-20] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140404.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-20] (Microsoft Corporation)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140404.008\ENG64.SYS [126040 2014-03-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140404.008\EX64.SYS [2099288 2014-03-29] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2014-01-09] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [105392 2014-01-28] (Locktime Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-03-21] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-20] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-07-09] (Synaptics Incorporated)
R0 SMR410; C:\Windows\System32\drivers\SMR410.SYS [96856 2014-04-05] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1502000.026\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-08] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-08] (Acronis International GmbH)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-05 19:43 - 2014-04-05 19:43 - 00036356 _____ () C:\Users\Nallim\Desktop\FRST.txt
2014-04-05 19:42 - 2014-04-05 19:43 - 00000000 ____D () C:\FRST
2014-04-05 19:41 - 2014-04-05 19:41 - 00112640 _____ (forum.viry.cz) C:\Users\Nallim\Downloads\FRSTLauncher.exe
2014-04-05 19:40 - 2014-04-05 19:40 - 02157056 _____ (Farbar) C:\Users\Nallim\Desktop\FRST64.exe
2014-04-05 19:12 - 2014-04-05 19:19 - 00607728 _____ () C:\Users\Public\ASR.dat
2014-04-05 19:02 - 2014-04-05 19:02 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS
2014-04-05 19:02 - 2014-04-05 19:02 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR410.dat
2014-04-03 23:44 - 2014-04-05 18:52 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-03 23:44 - 2014-04-05 18:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-03 23:44 - 2014-04-03 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-03 23:44 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 23:44 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 23:44 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-03 23:43 - 2014-04-03 23:43 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nallim\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-03 22:45 - 2014-04-03 22:45 - 00003130 _____ () C:\WINDOWS\System32\Tasks\{BF9DF23C-DDC9-444A-9449-61C0DF39F1C1}
2014-04-03 21:09 - 2014-04-03 23:26 - 00067632 _____ (Symantec Corporation) C:\WINDOWS\system32\msln.exe
2014-04-02 07:45 - 2014-04-02 09:31 - 00000000 ____D () C:\Users\Nallim\Documents\Moje přijaté soubory
2014-04-02 07:45 - 2014-04-02 07:45 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-04-02 07:44 - 2014-04-02 07:45 - 00000300 _____ () C:\WINDOWS\setupact.log
2014-04-02 07:44 - 2014-04-02 07:44 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-04-01 22:31 - 2014-04-01 22:31 - 00002643 _____ () C:\Users\Nallim\Documents\pureftpd.pdb
2014-04-01 18:10 - 2014-04-01 18:12 - 00000000 ____D () C:\Users\Nallim\Desktop\ISOSY
2014-04-01 10:03 - 2014-04-04 15:08 - 00005204 _____ () C:\WINDOWS\PFRO.log
2014-03-31 16:05 - 2014-03-31 16:52 - 00000000 ____D () C:\Apache24
2014-03-29 21:50 - 2014-03-29 21:50 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-03-28 22:52 - 2014-03-29 20:20 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\dvdcss
2014-03-27 23:54 - 2014-03-27 23:54 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\eCyber
2014-03-27 23:53 - 2014-03-29 20:24 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-03-27 23:53 - 2014-03-29 20:20 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\iSafe
2014-03-27 23:53 - 2014-03-27 23:53 - 00000000 ____D () C:\WINDOWS\system32\log
2014-03-27 23:49 - 2014-03-29 21:19 - 00000476 _____ () C:\Users\Nallim\Desktop\eset.txt
2014-03-27 20:20 - 2014-04-03 12:05 - 00000000 ____D () C:\Users\Nallim\.VirtualBox
2014-03-27 19:43 - 2014-03-27 19:43 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-27 17:45 - 2014-03-27 17:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-27 12:03 - 2014-03-27 12:15 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Sparx Systems
2014-03-27 12:02 - 2014-03-27 12:02 - 00000000 ____D () C:\Program Files (x86)\Sparx Systems
2014-03-25 18:42 - 2014-03-25 18:42 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-03-25 17:39 - 2014-03-29 17:07 - 00098663 _____ () C:\Users\Nallim\Documents\Dotazník (Vyhodnocení).xlsx
2014-03-25 12:12 - 2014-03-29 16:22 - 00001660 _____ () C:\Users\Nallim\Desktop\dotaznik.txt
2014-03-25 10:40 - 2014-03-29 21:59 - 00001292 _____ () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-23 22:09 - 2014-03-23 22:09 - 00001262 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-22 21:25 - 2014-04-05 19:02 - 00000000 ____D () C:\Users\Nallim\AppData\Local\NPE
2014-03-19 11:11 - 2013-02-06 08:25 - 00030304 _____ (Applian Technologies Inc.) C:\WINDOWS\system32\Drivers\appliand.sys
2014-03-19 11:03 - 2014-03-19 11:03 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-03-19 10:16 - 2014-03-19 11:14 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Jaksta_Technologies_Pty_L
2014-03-19 10:16 - 2014-03-19 10:16 - 00000000 ____D () C:\Users\Nallim\Documents\Applian
2014-03-19 10:15 - 2014-03-19 10:15 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Applian
2014-03-19 10:14 - 2014-04-03 23:24 - 00658612 _____ () C:\Users\Nallim\AppData\Roaming\oct
2014-03-19 10:14 - 2014-03-19 10:14 - 00000000 ____D () C:\WINDOWS\Jaksta
2014-03-18 22:53 - 2014-04-04 13:19 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Skype
2014-03-18 22:53 - 2014-03-18 22:53 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Skype
2014-03-18 18:49 - 2014-03-29 21:50 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-03-18 18:49 - 2014-03-18 18:49 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-03-18 18:49 - 2014-03-18 18:49 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-03-18 18:49 - 2014-03-18 18:49 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-18 18:48 - 2014-03-29 21:50 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-03-18 18:48 - 2014-03-18 18:48 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-03-18 15:32 - 2014-03-25 12:22 - 00010866 _____ () C:\Users\Nallim\Documents\ClashOfClans.xlsx
2014-03-18 10:50 - 2014-03-18 10:54 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Skype
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\Users\Test\AppData\Local\Skype
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 10:49 - 2014-03-18 10:49 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Test\Downloads\SkypeSetup.exe
2014-03-18 10:48 - 2014-03-18 10:48 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2322367244-264633817-2867371408-1008
2014-03-18 10:46 - 2014-03-18 10:47 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9CFC68C-465A-4ECC-B414-EC18BFD4F944}
2014-03-18 10:31 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 10:31 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 10:31 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 10:31 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 10:31 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 10:31 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 10:31 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 10:31 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 10:31 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 10:31 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 10:31 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 10:31 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 10:31 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 10:31 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 10:31 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 10:31 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 10:31 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 10:31 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 10:31 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 10:31 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 10:31 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 10:31 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 10:31 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 10:31 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 10:31 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 10:31 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 10:31 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 10:31 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 10:31 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 10:31 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 10:31 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 10:31 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 10:31 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 10:31 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 10:31 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 10:31 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 10:31 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-17 18:16 - 2014-04-05 19:07 - 00004980 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for NALLIM-TP-Nallim Nallim-TP
2014-03-17 18:00 - 2014-03-17 18:00 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-17 18:00 - 2014-03-17 18:00 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-17 18:00 - 2014-03-17 18:00 - 00000000 ____D () C:\Program Files (x86)\AirPort
2014-03-17 17:55 - 2012-11-27 13:08 - 00073064 _____ (Apple Inc.) C:\WINDOWS\system32\dnssd.dll
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\ProgramData\NuGet
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-03-15 11:59 - 2014-03-15 11:59 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\LSC
2014-03-15 11:58 - 2014-03-15 11:58 - 00002007 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-15 11:56 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 11:56 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 11:56 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-13 22:31 - 2014-03-13 22:31 - 00000000 ____D () C:\Program Files\Common Files\Lenovo
2014-03-13 22:27 - 2014-03-13 22:27 - 00002132 _____ () C:\Users\Public\Desktop\Lenovo Fingerprint Manager.lnk
2014-03-13 20:52 - 2014-03-13 20:52 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-13 19:31 - 2014-03-13 20:39 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\avidemux
2014-03-13 12:19 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-13 12:19 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-13 11:07 - 2014-03-13 11:07 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-03-13 09:43 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-13 09:43 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-13 09:43 - 2014-01-31 18:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-13 09:43 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-13 09:43 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-13 09:43 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-13 09:43 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-13 09:43 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-13 09:43 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-13 09:43 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-13 09:43 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-13 09:43 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-13 09:43 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-13 09:43 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-13 09:43 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-13 09:43 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-13 09:43 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-13 09:43 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-13 09:43 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-13 09:43 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-13 09:43 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-13 09:43 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-13 09:43 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-13 09:43 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-13 09:43 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-13 09:43 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-13 09:43 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-13 09:43 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-13 09:43 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-13 09:43 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-13 09:43 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-13 09:43 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-13 09:43 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-13 09:43 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-13 09:43 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-13 09:43 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-13 09:43 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-13 09:42 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-13 09:42 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-13 09:42 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-13 09:42 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-13 09:42 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-13 09:42 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-13 09:42 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-13 09:42 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-13 09:42 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-13 09:42 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-13 09:42 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-13 09:42 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-13 09:42 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-13 09:42 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-13 09:42 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-13 09:42 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-13 09:42 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-13 09:42 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-13 09:42 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-13 09:42 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-13 09:42 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-10 17:26 - 2014-03-19 17:23 - 00000000 ____D () C:\httpd
2014-03-09 22:24 - 2014-03-09 22:24 - 00000000 ___SD () C:\Users\Nallim\Documents\Zdroje dat
2014-03-09 19:24 - 2014-03-09 19:24 - 00788272 _____ () C:\WINDOWS\Minidump\030914-45406-01.dmp

==================== One Month Modified Files and Folders =======

2014-04-05 19:43 - 2014-04-05 19:43 - 00036356 _____ () C:\Users\Nallim\Desktop\FRST.txt
2014-04-05 19:43 - 2014-04-05 19:42 - 00000000 ____D () C:\FRST
2014-04-05 19:41 - 2014-04-05 19:41 - 00112640 _____ (forum.viry.cz) C:\Users\Nallim\Downloads\FRSTLauncher.exe
2014-04-05 19:41 - 2014-02-06 11:59 - 00536576 ___SH () C:\Users\Nallim\Downloads\Thumbs.db
2014-04-05 19:40 - 2014-04-05 19:40 - 02157056 _____ (Farbar) C:\Users\Nallim\Desktop\FRST64.exe
2014-04-05 19:37 - 2014-01-28 21:32 - 01420179 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-05 19:33 - 2013-11-24 17:29 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Dropbox
2014-04-05 19:19 - 2014-04-05 19:12 - 00607728 _____ () C:\Users\Public\ASR.dat
2014-04-05 19:07 - 2014-03-17 18:16 - 00004980 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for NALLIM-TP-Nallim Nallim-TP
2014-04-05 19:06 - 2013-12-18 21:40 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Spotify
2014-04-05 19:02 - 2014-04-05 19:02 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS
2014-04-05 19:02 - 2014-04-05 19:02 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR410.dat
2014-04-05 19:02 - 2014-03-22 21:25 - 00000000 ____D () C:\Users\Nallim\AppData\Local\NPE
2014-04-05 19:00 - 2013-11-24 17:09 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-05 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-05 18:53 - 2013-11-24 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-05 18:52 - 2014-04-03 23:44 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 18:52 - 2013-11-24 22:29 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-05 18:23 - 2013-11-24 17:23 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2322367244-264633817-2867371408-1001
2014-04-05 18:21 - 2013-12-18 21:50 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Spotify
2014-04-05 18:20 - 2013-11-24 17:32 - 00000000 ___RD () C:\Users\Nallim\Documents\Dropbox
2014-04-05 18:18 - 2013-11-24 22:29 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-05 18:17 - 2014-04-03 23:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-05 18:15 - 2014-01-20 23:50 - 00000000 __RDO () C:\Users\Nallim\SkyDrive
2014-04-05 18:14 - 2013-11-24 22:54 - 00000000 ___RD () C:\Users\Nallim\Documents\Disk Google
2014-04-05 18:13 - 2013-11-24 16:37 - 00000000 ___RD () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 16:03 - 2013-12-01 11:02 - 06124346 _____ () C:\Users\Public\CAFADEBUG.log
2014-04-04 15:32 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-04-04 15:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-04 15:13 - 2013-11-24 21:35 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Nitro PDF
2014-04-04 15:09 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-04 15:08 - 2014-04-01 10:03 - 00005204 _____ () C:\WINDOWS\PFRO.log
2014-04-04 15:07 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-04 13:19 - 2014-03-18 22:53 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Skype
2014-04-04 13:11 - 2013-12-01 15:27 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-04-04 12:57 - 2013-11-14 14:40 - 01935052 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-04 12:57 - 2013-11-14 14:24 - 00802206 _____ () C:\WINDOWS\system32\perfh005.dat
2014-04-04 12:57 - 2013-11-14 14:24 - 00183700 _____ () C:\WINDOWS\system32\perfc005.dat
2014-04-04 12:54 - 2013-11-24 22:34 - 00000000 ____D () C:\Users\Nallim\AppData\Local\JDownloader v2.0
2014-04-04 07:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization
2014-04-04 07:09 - 2014-01-23 13:36 - 00000000 ____D () C:\Users\Nallim\AppData\Local\genienext
2014-04-03 23:44 - 2014-04-03 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-03 23:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-03 23:26 - 2014-04-03 21:09 - 00067632 _____ (Symantec Corporation) C:\WINDOWS\system32\msln.exe
2014-04-03 23:24 - 2014-03-19 10:14 - 00658612 _____ () C:\Users\Nallim\AppData\Roaming\oct
2014-04-03 22:53 - 2014-04-03 22:53 - 00000000 ____D () C:\Users\Nallim\Downloads\26000e-knih
2014-04-03 22:45 - 2014-04-03 22:45 - 00003130 _____ () C:\WINDOWS\System32\Tasks\{BF9DF23C-DDC9-444A-9449-61C0DF39F1C1}
2014-04-03 16:33 - 2013-11-24 17:36 - 00000000 ____D () C:\#Nallim
2014-04-03 12:08 - 2014-02-03 13:07 - 00000000 ____D () C:\ProgramData\VMware
2014-04-03 12:05 - 2014-03-27 20:20 - 00000000 ____D () C:\Users\Nallim\.VirtualBox
2014-04-03 12:05 - 2014-02-03 13:33 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\VMware
2014-04-03 12:03 - 2014-02-03 13:33 - 00000000 ____D () C:\Users\Nallim\AppData\Local\VMware
2014-04-03 11:52 - 2014-01-12 22:18 - 00000600 _____ () C:\Users\Nallim\AppData\Local\PUTTY.RND
2014-04-03 09:51 - 2014-04-03 23:44 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-03 23:44 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-03 23:44 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-03 09:20 - 2013-11-24 15:26 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Packages
2014-04-02 12:05 - 2014-01-12 23:17 - 00000600 _____ () C:\Users\Nallim\AppData\Roaming\winscp.rnd
2014-04-02 09:31 - 2014-04-02 07:45 - 00000000 ____D () C:\Users\Nallim\Documents\Moje přijaté soubory
2014-04-02 07:45 - 2014-04-02 07:45 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-04-02 07:45 - 2014-04-02 07:44 - 00000300 _____ () C:\WINDOWS\setupact.log
2014-04-02 07:44 - 2014-04-02 07:44 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-04-01 22:31 - 2014-04-01 22:31 - 00002643 _____ () C:\Users\Nallim\Documents\pureftpd.pdb
2014-04-01 18:12 - 2014-04-01 18:10 - 00000000 ____D () C:\Users\Nallim\Desktop\ISOSY
2014-04-01 10:03 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-31 22:13 - 2014-02-03 13:30 - 00000000 ____D () C:\Users\Nallim\VirtualBox VMs
2014-03-31 16:52 - 2014-03-31 16:05 - 00000000 ____D () C:\Apache24
2014-03-31 16:14 - 2013-11-24 17:58 - 00000000 ____D () C:\Users\Nallim\Documents\Visual Studio 2013
2014-03-31 11:46 - 2013-11-24 22:29 - 00003944 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 11:46 - 2013-11-24 22:29 - 00003708 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 20:29 - 2013-11-24 22:26 - 00000000 ____D () C:\Users\Nallim\Documents\NetBeansProjects
2014-03-29 21:59 - 2014-03-25 10:40 - 00001292 _____ () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-29 21:50 - 2014-03-29 21:50 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-03-29 21:50 - 2014-03-18 18:49 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-03-29 21:50 - 2014-03-18 18:48 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-03-29 21:19 - 2014-03-27 23:49 - 00000476 _____ () C:\Users\Nallim\Desktop\eset.txt
2014-03-29 20:25 - 2014-01-20 23:05 - 00000000 ____D () C:\Users\Nallim
2014-03-29 20:24 - 2014-03-27 23:53 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-03-29 20:22 - 2014-03-18 10:42 - 00000000 ____D () C:\Users\Test
2014-03-29 20:22 - 2014-02-05 19:33 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-29 20:22 - 2013-11-24 17:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-29 20:21 - 2013-11-24 22:34 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Mobogenie
2014-03-29 20:21 - 2013-11-24 21:35 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-29 20:21 - 2013-11-24 18:16 - 00000000 ____D () C:\ProgramData\Norton
2014-03-29 20:21 - 2013-11-24 16:40 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\GHISLER
2014-03-29 20:20 - 2014-03-28 22:52 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\dvdcss
2014-03-29 20:20 - 2014-03-27 23:53 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\iSafe
2014-03-29 20:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\registration
2014-03-29 17:07 - 2014-03-25 17:39 - 00098663 _____ () C:\Users\Nallim\Documents\Dotazník (Vyhodnocení).xlsx
2014-03-29 16:22 - 2014-03-25 12:12 - 00001660 _____ () C:\Users\Nallim\Desktop\dotaznik.txt
2014-03-27 23:54 - 2014-03-27 23:54 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\eCyber
2014-03-27 23:53 - 2014-03-27 23:53 - 00000000 ____D () C:\WINDOWS\system32\log
2014-03-27 19:43 - 2014-03-27 19:43 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-27 17:45 - 2014-03-27 17:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-27 12:15 - 2014-03-27 12:03 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Sparx Systems
2014-03-27 12:02 - 2014-03-27 12:02 - 00000000 ____D () C:\Program Files (x86)\Sparx Systems
2014-03-27 10:38 - 2014-03-27 10:38 - 00008105 _____ () C:\Users\Nallim\Documents\ja.csv
2014-03-27 10:32 - 2014-03-27 10:32 - 00008105 _____ () C:\Users\Nallim\Documents\ja5.csv
2014-03-26 22:48 - 2014-01-20 19:28 - 799515960 _____ () C:\WINDOWS\MEMORY.DMP
2014-03-26 17:08 - 2013-11-24 22:01 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\BatteryBar
2014-03-26 10:43 - 2014-01-09 13:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-03-25 21:23 - 2014-03-25 21:23 - 00000203 _____ () C:\Users\Nallim\Desktop\idats.txt
2014-03-25 20:36 - 2013-11-24 21:11 - 00000000 ____D () C:\Users\Nallim\AppData\Local\CrashDumps
2014-03-25 18:45 - 2014-01-20 23:05 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-03-25 18:45 - 2014-01-20 23:05 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-03-25 18:42 - 2014-03-25 18:42 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-03-25 12:22 - 2014-03-18 15:32 - 00010866 _____ () C:\Users\Nallim\Documents\ClashOfClans.xlsx
2014-03-23 22:09 - 2014-03-23 22:09 - 00001262 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-23 22:08 - 2013-11-24 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-23 14:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-21 16:35 - 2013-11-24 16:37 - 00000000 ___RD () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-21 15:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-19 17:23 - 2014-03-10 17:26 - 00000000 ____D () C:\httpd
2014-03-19 11:14 - 2014-03-19 10:16 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Jaksta_Technologies_Pty_L
2014-03-19 11:03 - 2014-03-19 11:03 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-03-19 10:16 - 2014-03-19 10:16 - 00000000 ____D () C:\Users\Nallim\Documents\Applian
2014-03-19 10:15 - 2014-03-19 10:15 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Applian
2014-03-19 10:14 - 2014-03-19 10:14 - 00000000 ____D () C:\WINDOWS\Jaksta
2014-03-19 09:26 - 2014-01-26 18:25 - 00000000 ____D () C:\Users\Nallim\Desktop\C
2014-03-18 22:53 - 2014-03-18 22:53 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Skype
2014-03-18 18:49 - 2014-03-18 18:49 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-03-18 18:49 - 2014-03-18 18:49 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-03-18 18:49 - 2014-03-18 18:49 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-18 18:48 - 2014-03-18 18:48 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-03-18 11:27 - 2013-11-24 19:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 11:21 - 2013-11-24 19:30 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 11:18 - 2013-11-24 18:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-18 10:54 - 2014-03-18 10:50 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Skype
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\Users\Test\AppData\Local\Skype
2014-03-18 10:50 - 2014-03-18 10:50 - 00000000 ____D () C:\ProgramData\Skype
2014-03-18 10:49 - 2014-03-18 10:49 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Test\Downloads\SkypeSetup.exe
2014-03-17 18:00 - 2014-03-17 18:00 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-17 18:00 - 2014-03-17 18:00 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-17 18:00 - 2014-03-17 18:00 - 00000000 ____D () C:\Program Files (x86)\AirPort
2014-03-17 17:18 - 2013-11-24 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-03-17 17:18 - 2013-11-24 16:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\ProgramData\NuGet
2014-03-17 14:24 - 2014-03-17 14:24 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-03-17 14:23 - 2013-11-24 17:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-03-17 14:10 - 2014-01-20 22:51 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-15 18:00 - 2013-11-24 21:40 - 00000000 ____D () C:\Users\Nallim\AppData\Local\Lenovo
2014-03-15 11:59 - 2014-03-15 11:59 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\LSC
2014-03-15 11:59 - 2014-01-14 20:30 - 00000000 ____D () C:\Users\Nallim\AppData\Local\LSC
2014-03-15 11:58 - 2014-03-15 11:58 - 00002007 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-15 11:58 - 2013-11-24 17:01 - 00000000 ____D () C:\Program Files\Lenovo
2014-03-15 11:58 - 2013-11-24 17:00 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-15 11:56 - 2013-11-24 21:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2014-03-15 11:55 - 2013-11-24 21:35 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-13 22:31 - 2014-03-13 22:31 - 00000000 ____D () C:\Program Files\Common Files\Lenovo
2014-03-13 22:27 - 2014-03-13 22:27 - 00002132 _____ () C:\Users\Public\Desktop\Lenovo Fingerprint Manager.lnk
2014-03-13 21:39 - 2013-11-24 20:44 - 00000000 ____D () C:\ProgramData\Autodesk
2014-03-13 21:31 - 2013-08-22 16:44 - 05030224 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 20:52 - 2014-03-13 20:52 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-13 20:52 - 2013-11-24 17:18 - 00000000 ____D () C:\Users\Nallim\.nbi
2014-03-13 20:47 - 2013-11-24 20:52 - 00000000 ____D () C:\Program Files\Autodesk
2014-03-13 20:47 - 2013-11-24 20:44 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\Autodesk
2014-03-13 20:43 - 2014-02-20 23:54 - 00000000 ____D () C:\Users\Nallim\Documents\My Digital Editions
2014-03-13 20:43 - 2013-11-24 16:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-13 20:39 - 2014-03-13 19:31 - 00000000 ____D () C:\Users\Nallim\AppData\Roaming\avidemux
2014-03-13 19:07 - 2013-12-12 17:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 19:07 - 2013-12-12 17:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 18:56 - 2014-03-18 10:42 - 00000000 ___RD () C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 18:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 18:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 18:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 18:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-13 11:07 - 2014-03-13 11:07 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-03-11 20:00 - 2013-11-24 17:09 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-09 22:24 - 2014-03-09 22:24 - 00000000 ___SD () C:\Users\Nallim\Documents\Zdroje dat
2014-03-09 19:24 - 2014-03-09 19:24 - 00788272 _____ () C:\WINDOWS\Minidump\030914-45406-01.dmp

Files to move or delete:
====================
C:\Users\Public\ASR.dat


Some content of TEMP:
====================
C:\Users\Nallim\AppData\Local\Temp\AcDeltree.exe
C:\Users\Nallim\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Nallim\AppData\Local\Temp\KMP_3.8.0.119.exe
C:\Users\Nallim\AppData\Local\Temp\pyl2595.tmp.exe
C:\Users\Nallim\AppData\Local\Temp\pylFD18.tmp.exe
C:\Users\Nallim\AppData\Local\Temp\Shockwave_Installer_FF.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-13 09:43] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Nallim\Desktop" je 7 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\cvtres.exe"="C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\cvtres.exe:*:Enabled:Windows Messanger"
"C:\\Users\\Nallim\\AppData\\Roaming\\2oct.exe"="C:\\Users\\Nallim\\AppData\\Roaming\\2oct.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: asr.dat

Napsal: 05 dub 2014 20:12
od Rudy
Zdravím!
Poprosím o log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Re: asr.dat

Napsal: 05 dub 2014 20:16
od Nallim
Bohužel nelze spustit pod Windows 8.1. Ať už bez kompatibilitního módu či s ním.

"ComboFix is not meant to run in 'Compatibility Mode'. The program shall now exit.

Re: asr.dat

Napsal: 05 dub 2014 21:09
od Rudy
OK. Půjdeme na to jinak.

Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Users\Public\ASR.dat
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Run: [BlueSoleil 8.0.35] - C:\Users\Nallim\AppData\Local\Temp\.exe <===== ATTENTION
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\MountPoints2: {db9e7e23-7f51-11e3-be85-0c8bfd585907} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-2322367244-264633817-2867371408-1001\...\MountPoints2: {ffdedcc8-835d-11e3-be93-28d2442eca5b} - "E:\WD SmartWare.exe" autoplay=true
FF ProfilePath: C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default
FF Extension: BBCodeXtra - C:\Users\Nallim\AppData\Roaming\Mozilla\Firefox\Profiles\1eaw5vly.default\Extensions\{af79f858-4b25-4ca4-822b-b5db1be628fc}.xpi [2013-11-24]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\SA.DAT
C:\Users\Nallim\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: asr.dat

Napsal: 05 dub 2014 22:07
od Nallim
Díky.

Má to mnoho znaků, tak jsem to dal sem:
http://pastebin.com/acNRhy97
http://pastebin.com/k870BsFG

Re: asr.dat

Napsal: 06 dub 2014 10:14
od Rudy
Smazáno. pro jistotu ještě proveďte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: asr.dat

Napsal: 06 dub 2014 12:02
od Nallim
Ano už to nic nenašlo.

Děkuji mnohokrát :)

Re: asr.dat

Napsal: 06 dub 2014 12:05
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz