
Please check my log. Slow responses, and webssearches has sneaked onto my system

Posted: 03 Sep 2014 15:48
by peter19500
Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2014-09-03 16:37:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 95 GB (40%) free of 238 GB
Total RAM: 3996 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:37:06, on 3. 9. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 1QSKJAPBAX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... 1QSKJAPBAX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... 1QSKJAPBAX
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13030 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=655f236a-786c-4c57-aa4f-6764b285613e /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\6171cd0d-c2fb-467a-b14c-5d05fd86275f-1c8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe"
"taskhost.exe"
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files (x86)\SupTab\HpUI.exe" -run
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\SupTab\Loader64.exe"
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-1365635752-8500496451206572354-1368290214-1692921961-1502428424-1582259401-730319019
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
ctfmon.exe
WLIDSvcM.exe 1980
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=92bf7226-23d9-420a-ae05-3a609c607e17 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\d55c686b-d8be-4b1c-97c4-d75eaba26a66-978-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" /AFTERINSTALL
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskmgr.exe /3

"C:\Users\ntb\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.sk/?gws_rd=cr, ssl&ei=XdkAVOrpKuPe4QT4oIH4DQ"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default\extensions\
faststartff@gmail.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-08-26 515464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-06-14 1563440]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2014-06-14 843568]
"Wondershare Helper Compact"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"Wondershare Helper Compact"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"!AVG Anti-Spyware"=C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-09-03 2680344]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodecPackUpdateChecker.lnk - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
MobileGo Service.lnk - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 16:37:00 ----D---- C:\rsit
2014-09-03 16:37:00 ----D---- C:\Program Files\trend micro
2014-08-29 20:47:16 ----D---- C:\ProgramData\AVG Security Toolbar
2014-08-29 20:47:12 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-08-29 20:47:09 ----D---- C:\ProgramData\AVG Secure Search
2014-08-29 20:47:06 ----D---- C:\ProgramData\AVG Web TuneUp
2014-08-29 20:47:06 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-08-28 23:11:34 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 23:11:34 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 23:11:34 ----A---- C:\Windows\system32\gdi32.dll
2014-08-26 22:16:38 ----D---- C:\Users\ntb\AppData\Roaming\Grisoft
2014-08-26 22:16:09 ----A---- C:\Windows\system32\drivers\AvgAsC64.sys
2014-08-26 22:16:06 ----D---- C:\ProgramData\Grisoft
2014-08-26 22:16:06 ----D---- C:\Program Files (x86)\Grisoft
2014-08-26 21:28:45 ----A---- C:\autoexec.bat
2014-08-26 21:27:14 ----D---- C:\Program Files\Enigma Software Group
2014-08-26 21:23:36 ----D---- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-26 20:22:33 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2014-08-26 20:08:01 ----D---- C:\Program Files (x86)\Applian Technologies
2014-08-26 20:04:16 ----D---- C:\ProgramData\IePluginServices
2014-08-26 20:04:10 ----D---- C:\ProgramData\WindowsMangerProtect
2014-08-26 20:04:05 ----D---- C:\Program Files (x86)\SupTab
2014-08-26 20:02:36 ----D---- C:\Users\ntb\AppData\Roaming\webssearches
2014-08-25 18:09:28 ----D---- C:\Users\ntb\AppData\Roaming\Oracle
2014-08-25 18:05:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\java.exe
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wups2.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wucltux.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wups.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wudriver.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wuapi.dll
2014-08-22 19:24:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-22 19:24:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-22 19:24:02 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-22 19:24:02 ----A---- C:\Windows\system32\wuapp.exe
2014-08-14 11:59:18 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 11:59:18 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 11:59:18 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 11:59:18 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 11:59:16 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 11:59:16 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 11:27:57 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 11:27:57 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 07:49:14 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 07:49:14 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 07:48:59 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 07:48:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 07:48:59 ----A---- C:\Windows\system32\msi.dll
2014-08-14 07:48:59 ----A---- C:\Windows\system32\authui.dll
2014-08-14 07:48:58 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 07:48:58 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 07:48:58 ----A---- C:\Windows\system32\consent.exe
2014-08-14 07:48:52 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 07:48:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 07:48:48 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 07:48:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 07:48:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 07:48:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:48:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 07:48:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 07:48:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 07:48:34 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 07:48:33 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 07:48:33 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 07:48:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 07:48:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 07:48:32 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 07:48:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 07:48:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 07:48:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 07:48:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 07:48:28 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 07:48:28 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 07:48:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 07:48:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 07:48:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 07:48:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 07:48:24 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 07:48:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:48:22 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 07:48:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 07:48:21 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 07:47:01 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 07:47:01 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 07:47:00 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 07:46:59 ----A---- C:\Windows\system32\aeinv.dll
2014-08-06 10:50:04 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2014-08-04 18:20:45 ----D---- C:\Users\ntb\AppData\Roaming\Windows Live Writer
2014-08-04 18:14:10 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2014-08-04 18:13:53 ----RD---- C:\Program Files (x86)\Skype
2014-08-04 18:13:23 ----D---- C:\ProgramData\Skype
2014-08-04 17:35:26 ----D---- C:\Windows\sk
2014-08-04 17:34:09 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-04 17:32:55 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2014-08-04 17:32:51 ----D---- C:\Program Files\Windows Live
2014-08-04 17:32:39 ----D---- C:\Windows\PCHEALTH
2014-08-04 17:32:24 ----D---- C:\Program Files (x86)\Windows Live
2014-08-04 09:30:20 ----D---- C:\Users\ntb\AppData\Roaming\AVG2014
2014-08-04 09:28:15 ----HD---- C:\$AVG
2014-08-04 09:28:13 ----D---- C:\ProgramData\AVG2014
2014-08-04 09:27:41 ----D---- C:\Program Files (x86)\AVG

======List of files/folders modified in the last 1 month======

2014-09-03 16:37:00 ----RD---- C:\Program Files
2014-09-03 16:35:16 ----D---- C:\Windows\Temp
2014-09-03 16:31:50 ----D---- C:\ProgramData\MFAData
2014-09-03 16:31:19 ----D---- C:\Windows\system32\Tasks
2014-09-03 16:31:19 ----D---- C:\Program Files (x86)\Opera
2014-09-03 16:24:39 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-03 07:39:28 ----D---- C:\Windows\system32\config
2014-09-03 07:08:09 ----D---- C:\Windows\Prefetch
2014-09-02 21:33:29 ----SHD---- C:\Windows\Installer
2014-09-02 21:33:22 ----SHD---- C:\System Volume Information
2014-09-02 21:31:41 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-09-02 21:31:41 ----D---- C:\Windows
2014-09-02 20:56:14 ----D---- C:\Windows\system32\drivers
2014-09-01 11:35:55 ----D---- C:\Windows\System32
2014-09-01 11:35:55 ----D---- C:\Windows\inf
2014-09-01 11:35:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-29 20:48:14 ----HD---- C:\ProgramData
2014-08-29 20:48:09 ----D---- C:\Windows\Tasks
2014-08-29 20:47:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-08-29 20:47:08 ----D---- C:\Program Files (x86)\Common Files
2014-08-29 20:47:06 ----RD---- C:\Program Files (x86)
2014-08-29 20:34:34 ----D---- C:\Windows\winsxs
2014-08-29 20:33:29 ----D---- C:\Windows\SysWOW64
2014-08-28 23:10:02 ----D---- C:\Windows\system32\catroot
2014-08-25 18:09:05 ----D---- C:\ProgramData\Oracle
2014-08-25 18:05:01 ----D---- C:\Program Files (x86)\Java
2014-08-25 18:00:28 ----D---- C:\Windows\system32\catroot2
2014-08-25 17:59:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-23 19:12:48 ----D---- C:\Windows\rescache
2014-08-23 11:31:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-23 11:31:50 ----D---- C:\Windows\system32\sk-SK
2014-08-15 21:41:31 ----D---- C:\Windows\Microsoft.NET
2014-08-15 21:40:47 ----RSD---- C:\Windows\assembly
2014-08-14 16:42:16 ----D---- C:\Windows\ehome
2014-08-14 16:42:15 ----RSD---- C:\Windows\Fonts
2014-08-14 16:41:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-14 16:41:45 ----D---- C:\Program Files\Internet Explorer
2014-08-14 16:41:43 ----D---- C:\Windows\system32\en-US
2014-08-14 16:41:43 ----D---- C:\Windows\PolicyDefinitions
2014-08-14 16:41:41 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 12:06:08 ----D---- C:\Windows\system32\MRT
2014-08-14 12:04:45 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 11:27:21 ----SD---- C:\Windows\system32\CompatTel
2014-08-12 18:30:52 ----D---- C:\Windows\system32\DriverStore
2014-08-07 19:19:54 ----D---- C:\Windows\Downloaded Program Files
2014-08-04 17:35:44 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2014-08-04 17:33:05 ----SD---- C:\ProgramData\Microsoft
2014-08-04 17:32:55 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-04 17:32:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-08-04 17:30:15 ----D---- C:\Windows\Logs
2014-08-04 07:54:32 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-04 07:54:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys [2007-05-30 12024]
R1 AvgAsC64;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsC64.sys [2007-05-30 14072]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2014-01-31 86896]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2010-12-21 127488]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 18944]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2010-12-21 161280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-08-25 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-08-26 715656]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-08-29 1843736]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-08-26 528896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Please check. Slow responses, I've been invaded by webssea

Posted: 03 Sep 2014 17:29
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Please check. Slow responses, I've been invaded by webssea

Posted: 03 Sep 2014 19:23
by peter19500
Rudy wrote: Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
# AdwCleaner v3.309 - Report created 03/09/2014 at 20:10:37
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ntb - NTB-PC
# Running from : C:\Users\ntb\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginServices
Service Deleted : WindowsMangerProtect

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\ntb\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\ntb\AppData\Roaming\webssearches
Folder Deleted : C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default\Extensions\faststartff@gmail.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\ntb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\ntb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\ntb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Bitberry Software
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\Tencent
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v31.0 (x86 sk)

[ File : C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://istart.webssearches.com/newtab/?type=nt&ts=1409076146&from=adks&uid=HitachiXHTS545025B9A300_090920PB4201QSKJAPBAX");
Line Deleted : user_pref("browser.search.defaultenginename", "webssearches");
Line Deleted : user_pref("browser.search.selectedEngine", "webssearches");

*************************

AdwCleaner[R0].txt - [10446 octets] - [03/09/2014 20:01:17]
AdwCleaner[S0].txt - [8323 octets] - [03/09/2014 20:10:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8383 octets] ##########

Re: Please check. Slow responses, I've been invaded by webssea

Posted: 03 Sep 2014 19:47
by Rudy
Post a new RSIT log.

Re: Please check. Slow responses, I've been invaded by webssea

Posted: 03 Sep 2014 19:52
by peter19500
Rudy wrote: Post a new RSIT log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2014-09-03 20:51:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 95 GB (40%) free of 238 GB
Total RAM: 3996 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:49, on 3. 9. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11742 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=bdfe765d-1f7f-4024-a60d-127eac6ee348 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\9e1dc108-7d6f-4264-af88-2278f7d7d318-1cc-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
WLIDSvcM.exe 2652
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=ddc42334-3bf4-4922-b36a-d156fa4a292c /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\aeb68161-54c2-4623-b879-6b253134a806-e74-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --ran-launcher /crash-reporter-parent-id=4612
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=gpu-process --channel="4612.0.243266164\646653490" --crash-reporter-pid=5748 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x9591 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.1000 --crash-reporter-pid=5748 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --extension-process --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=5748 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="4612.2.1724146736\2143258550" /prefetch:673131151
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --extension-process --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=5748 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="4612.3.1138554418\686330802" /prefetch:673131151
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --extension-process --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=5748 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="4612.4.404065672\832124898" /prefetch:673131151
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=5748 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="4612.6.165678999\1326015664" /prefetch:673131151
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=renderer --disable-direct-npapi-requests --lang=sk --disable-client-side-phishing-detection --renderer-print-preview --with-feature:enhanced-autofill --crash-reporter-pid=5748 --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="4612.12.708915447\827587543" /prefetch:673131151
"C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --disable-direct-npapi-requests --lang=sk --channel="4612.13.1739440130\554237597" --crash-reporter-pid=5748 /prefetch:-390060480

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://forum.viry.cz/viewtopic.php?f=13 ... &e=1343840"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\ntb\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.sk/?gws_rd=cr, ssl&ei=XdkAVOrpKuPe4QT4oIH4DQ"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default\extensions\
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-06-14 1563440]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2014-06-14 843568]
"Wondershare Helper Compact"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"Wondershare Helper Compact"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodecPackUpdateChecker.lnk - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
MobileGo Service.lnk - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 20:01:10 ----D---- C:\AdwCleaner
2014-09-03 16:37:00 ----D---- C:\rsit
2014-09-03 16:37:00 ----D---- C:\Program Files\trend micro
2014-08-29 20:47:12 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-08-29 20:47:06 ----D---- C:\ProgramData\AVG Web TuneUp
2014-08-29 20:47:06 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-08-28 23:11:34 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 23:11:34 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 23:11:34 ----A---- C:\Windows\system32\gdi32.dll
2014-08-26 22:16:06 ----D---- C:\ProgramData\Grisoft
2014-08-26 21:28:45 ----A---- C:\autoexec.bat
2014-08-26 21:27:14 ----D---- C:\Program Files\Enigma Software Group
2014-08-26 21:23:36 ----D---- C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-26 20:22:33 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2014-08-26 20:08:01 ----D---- C:\Program Files (x86)\Applian Technologies
2014-08-25 18:09:28 ----D---- C:\Users\ntb\AppData\Roaming\Oracle
2014-08-25 18:05:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\java.exe
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wups2.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wucltux.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wups.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wudriver.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wuapi.dll
2014-08-22 19:24:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-22 19:24:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-22 19:24:02 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-22 19:24:02 ----A---- C:\Windows\system32\wuapp.exe
2014-08-14 11:59:18 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 11:59:18 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 11:59:18 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 11:59:18 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 11:59:16 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 11:59:16 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 11:27:57 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 11:27:57 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 07:49:14 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 07:49:14 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 07:48:59 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 07:48:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 07:48:59 ----A---- C:\Windows\system32\msi.dll
2014-08-14 07:48:59 ----A---- C:\Windows\system32\authui.dll
2014-08-14 07:48:58 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 07:48:58 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 07:48:58 ----A---- C:\Windows\system32\consent.exe
2014-08-14 07:48:52 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 07:48:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 07:48:48 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 07:48:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 07:48:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 07:48:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:48:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 07:48:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 07:48:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 07:48:34 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 07:48:33 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 07:48:33 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 07:48:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 07:48:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 07:48:32 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 07:48:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 07:48:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 07:48:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 07:48:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 07:48:28 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 07:48:28 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 07:48:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 07:48:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 07:48:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 07:48:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 07:48:24 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 07:48:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:48:22 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 07:48:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 07:48:21 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 07:47:01 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 07:47:01 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 07:47:00 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 07:46:59 ----A---- C:\Windows\system32\aeinv.dll
2014-08-06 10:50:04 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2014-08-04 18:20:45 ----D---- C:\Users\ntb\AppData\Roaming\Windows Live Writer
2014-08-04 18:14:10 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2014-08-04 18:13:53 ----RD---- C:\Program Files (x86)\Skype
2014-08-04 18:13:23 ----D---- C:\ProgramData\Skype
2014-08-04 17:35:26 ----D---- C:\Windows\sk
2014-08-04 17:34:09 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-04 17:32:55 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2014-08-04 17:32:51 ----D---- C:\Program Files\Windows Live
2014-08-04 17:32:39 ----D---- C:\Windows\PCHEALTH
2014-08-04 17:32:24 ----D---- C:\Program Files (x86)\Windows Live
2014-08-04 09:30:20 ----D---- C:\Users\ntb\AppData\Roaming\AVG2014
2014-08-04 09:28:15 ----HD---- C:\$AVG
2014-08-04 09:28:13 ----D---- C:\ProgramData\AVG2014
2014-08-04 09:27:41 ----D---- C:\Program Files (x86)\AVG

======List of files/folders modified in the last 1 month======

2014-09-03 20:42:49 ----D---- C:\Windows\Temp
2014-09-03 20:37:08 ----D---- C:\Windows\system32\drivers
2014-09-03 20:36:54 ----RD---- C:\Program Files (x86)
2014-09-03 20:26:06 ----D---- C:\Windows\system32\config
2014-09-03 20:12:38 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-03 20:10:41 ----D---- C:\Program Files (x86)\Common Files
2014-09-03 20:10:39 ----HD---- C:\ProgramData
2014-09-03 18:56:20 ----D---- C:\ProgramData\MFAData
2014-09-03 18:41:23 ----D---- C:\Windows\System32
2014-09-03 18:41:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-03 18:41:22 ----D---- C:\Windows\inf
2014-09-03 16:37:00 ----RD---- C:\Program Files
2014-09-03 16:31:19 ----D---- C:\Windows\system32\Tasks
2014-09-03 16:31:19 ----D---- C:\Program Files (x86)\Opera
2014-09-03 07:08:09 ----D---- C:\Windows\Prefetch
2014-09-02 21:33:29 ----SHD---- C:\Windows\Installer
2014-09-02 21:33:22 ----SHD---- C:\System Volume Information
2014-09-02 21:31:41 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-09-02 21:31:41 ----D---- C:\Windows
2014-08-29 20:48:09 ----D---- C:\Windows\Tasks
2014-08-29 20:47:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-08-29 20:34:34 ----D---- C:\Windows\winsxs
2014-08-29 20:33:29 ----D---- C:\Windows\SysWOW64
2014-08-28 23:10:02 ----D---- C:\Windows\system32\catroot
2014-08-25 18:09:05 ----D---- C:\ProgramData\Oracle
2014-08-25 18:05:01 ----D---- C:\Program Files (x86)\Java
2014-08-25 18:00:28 ----D---- C:\Windows\system32\catroot2
2014-08-25 17:59:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-23 19:12:48 ----D---- C:\Windows\rescache
2014-08-23 11:31:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-23 11:31:50 ----D---- C:\Windows\system32\sk-SK
2014-08-15 21:41:31 ----D---- C:\Windows\Microsoft.NET
2014-08-15 21:40:47 ----RSD---- C:\Windows\assembly
2014-08-14 16:42:16 ----D---- C:\Windows\ehome
2014-08-14 16:42:15 ----RSD---- C:\Windows\Fonts
2014-08-14 16:41:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-14 16:41:45 ----D---- C:\Program Files\Internet Explorer
2014-08-14 16:41:43 ----D---- C:\Windows\system32\en-US
2014-08-14 16:41:43 ----D---- C:\Windows\PolicyDefinitions
2014-08-14 16:41:41 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 12:06:08 ----D---- C:\Windows\system32\MRT
2014-08-14 12:04:45 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 11:27:21 ----SD---- C:\Windows\system32\CompatTel
2014-08-12 18:30:52 ----D---- C:\Windows\system32\DriverStore
2014-08-07 19:19:54 ----D---- C:\Windows\Downloaded Program Files
2014-08-04 17:35:44 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2014-08-04 17:33:05 ----SD---- C:\ProgramData\Microsoft
2014-08-04 17:32:55 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-04 17:32:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-08-04 17:30:15 ----D---- C:\Windows\Logs
2014-08-04 07:54:32 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-04 07:54:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
R4 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard64.sys []
R4 AvgAsC64;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsC64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2014-01-31 86896]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2010-12-21 127488]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 18944]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2010-12-21 161280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-08-25 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Please check. Slow responses, I got infected with webssea

Posted: 03 Sep 2014 20:09
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: Please check. Slow responses, I got infected with webssea

Posted: 03 Sep 2014 20:52
by peter19500
Rudy wrote: Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2014-09-03 21:50:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 95 GB (40%) free of 238 GB
Total RAM: 3996 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:21, on 3. 9. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11122 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
WLIDSvcM.exe 2888
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\SysWOW64\C2MP\UpdateChecker.exe"
"C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\ntb\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.sk/?gws_rd=cr, ssl&ei=XdkAVOrpKuPe4QT4oIH4DQ"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\755ddprm.default\extensions\
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-06-14 1563440]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2014-06-14 843568]
"Wondershare Helper Compact"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"Wondershare Helper Compact"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodecPackUpdateChecker.lnk - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
MobileGo Service.lnk - C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 21:43:42 ----D---- C:\_OTM
2014-09-03 20:01:10 ----D---- C:\AdwCleaner
2014-09-03 16:37:00 ----D---- C:\rsit
2014-09-03 16:37:00 ----D---- C:\Program Files\trend micro
2014-08-29 20:47:12 ----A---- C:\Windows\system32\drivers\avgtpx64.sys
2014-08-29 20:47:06 ----D---- C:\ProgramData\AVG Web TuneUp
2014-08-29 20:47:06 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2014-08-28 23:11:34 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 23:11:34 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 23:11:34 ----A---- C:\Windows\system32\gdi32.dll
2014-08-26 22:16:06 ----D---- C:\ProgramData\Grisoft
2014-08-26 21:28:45 ----A---- C:\autoexec.bat
2014-08-26 21:27:14 ----D---- C:\Program Files\Enigma Software Group
2014-08-26 20:22:33 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2014-08-26 20:08:01 ----D---- C:\Program Files (x86)\Applian Technologies
2014-08-25 18:09:28 ----D---- C:\Users\ntb\AppData\Roaming\Oracle
2014-08-25 18:05:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-08-25 18:05:02 ----A---- C:\Windows\SYSWOW64\java.exe
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wups2.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wucltux.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-22 19:24:35 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-22 19:24:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wups.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wudriver.dll
2014-08-22 19:24:16 ----A---- C:\Windows\system32\wuapi.dll
2014-08-22 19:24:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-22 19:24:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-22 19:24:02 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-22 19:24:02 ----A---- C:\Windows\system32\wuapp.exe
2014-08-14 11:59:18 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 11:59:18 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 11:59:18 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 11:59:18 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 11:59:16 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 11:59:16 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 11:27:57 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 11:27:57 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 07:49:22 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 07:49:14 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 07:49:14 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 07:48:59 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 07:48:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 07:48:59 ----A---- C:\Windows\system32\msi.dll
2014-08-14 07:48:59 ----A---- C:\Windows\system32\authui.dll
2014-08-14 07:48:58 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 07:48:58 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 07:48:58 ----A---- C:\Windows\system32\consent.exe
2014-08-14 07:48:52 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 07:48:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 07:48:48 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 07:48:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 07:48:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 07:48:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 07:48:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:48:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 07:48:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 07:48:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 07:48:35 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 07:48:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 07:48:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 07:48:34 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 07:48:33 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 07:48:33 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 07:48:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 07:48:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 07:48:32 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 07:48:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 07:48:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 07:48:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 07:48:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 07:48:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 07:48:28 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 07:48:28 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 07:48:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 07:48:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 07:48:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 07:48:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 07:48:24 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 07:48:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 07:48:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:48:22 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 07:48:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 07:48:21 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 07:47:01 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 07:47:01 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 07:47:00 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 07:46:59 ----A---- C:\Windows\system32\aeinv.dll
2014-08-06 10:50:04 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2014-08-04 18:20:45 ----D---- C:\Users\ntb\AppData\Roaming\Windows Live Writer
2014-08-04 18:14:10 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2014-08-04 18:13:53 ----RD---- C:\Program Files (x86)\Skype
2014-08-04 18:13:23 ----D---- C:\ProgramData\Skype
2014-08-04 17:35:26 ----D---- C:\Windows\sk
2014-08-04 17:34:09 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-04 17:32:55 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2014-08-04 17:32:51 ----D---- C:\Program Files\Windows Live
2014-08-04 17:32:39 ----D---- C:\Windows\PCHEALTH
2014-08-04 17:32:24 ----D---- C:\Program Files (x86)\Windows Live
2014-08-04 09:30:20 ----D---- C:\Users\ntb\AppData\Roaming\AVG2014
2014-08-04 09:28:15 ----HD---- C:\$AVG
2014-08-04 09:28:13 ----D---- C:\ProgramData\AVG2014
2014-08-04 09:27:41 ----D---- C:\Program Files (x86)\AVG

======List of files/folders modified in the last 1 month======

2014-09-03 21:50:07 ----D---- C:\Windows\system32\config
2014-09-03 21:49:18 ----D---- C:\Windows\Temp
2014-09-03 21:46:34 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-03 21:43:42 ----HD---- C:\ProgramData
2014-09-03 21:43:42 ----D---- C:\Windows
2014-09-03 20:52:25 ----D---- C:\ProgramData\MFAData
2014-09-03 20:37:08 ----D---- C:\Windows\system32\drivers
2014-09-03 20:36:54 ----RD---- C:\Program Files (x86)
2014-09-03 20:10:41 ----D---- C:\Program Files (x86)\Common Files
2014-09-03 18:41:23 ----D---- C:\Windows\System32
2014-09-03 18:41:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-03 18:41:22 ----D---- C:\Windows\inf
2014-09-03 16:37:00 ----RD---- C:\Program Files
2014-09-03 16:31:19 ----D---- C:\Windows\system32\Tasks
2014-09-03 16:31:19 ----D---- C:\Program Files (x86)\Opera
2014-09-03 07:08:09 ----D---- C:\Windows\Prefetch
2014-09-02 21:33:29 ----SHD---- C:\Windows\Installer
2014-09-02 21:33:22 ----SHD---- C:\System Volume Information
2014-08-29 20:48:09 ----D---- C:\Windows\Tasks
2014-08-29 20:47:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-08-29 20:34:34 ----D---- C:\Windows\winsxs
2014-08-29 20:33:29 ----D---- C:\Windows\SysWOW64
2014-08-28 23:10:02 ----D---- C:\Windows\system32\catroot
2014-08-25 18:09:05 ----D---- C:\ProgramData\Oracle
2014-08-25 18:05:01 ----D---- C:\Program Files (x86)\Java
2014-08-25 18:00:28 ----D---- C:\Windows\system32\catroot2
2014-08-25 17:59:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-23 19:12:48 ----D---- C:\Windows\rescache
2014-08-23 11:31:51 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-23 11:31:50 ----D---- C:\Windows\system32\sk-SK
2014-08-15 21:41:31 ----D---- C:\Windows\Microsoft.NET
2014-08-15 21:40:47 ----RSD---- C:\Windows\assembly
2014-08-14 16:42:16 ----D---- C:\Windows\ehome
2014-08-14 16:42:15 ----RSD---- C:\Windows\Fonts
2014-08-14 16:41:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-14 16:41:45 ----D---- C:\Program Files\Internet Explorer
2014-08-14 16:41:43 ----D---- C:\Windows\system32\en-US
2014-08-14 16:41:43 ----D---- C:\Windows\PolicyDefinitions
2014-08-14 16:41:41 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 12:06:08 ----D---- C:\Windows\system32\MRT
2014-08-14 12:04:45 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 11:27:21 ----SD---- C:\Windows\system32\CompatTel
2014-08-12 18:30:52 ----D---- C:\Windows\system32\DriverStore
2014-08-07 19:19:54 ----D---- C:\Windows\Downloaded Program Files
2014-08-04 17:35:44 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2014-08-04 17:33:05 ----SD---- C:\ProgramData\Microsoft
2014-08-04 17:32:55 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-04 17:32:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-08-04 17:30:15 ----D---- C:\Windows\Logs
2014-08-04 07:54:32 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-04 07:54:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2014-01-31 86896]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2010-12-21 127488]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 18944]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2010-12-21 161280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-08-25 1417160]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384]
S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-23 119408]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Please check. Slow responses, I've been infiltrated by webssea

Posted: 03 Sep 2014 21:24
by Rudy
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

Re: Please check. Slow responses, I've been infiltrated by webssea

Posted: 04 Sep 2014 18:35
by peter19500
Rudy wrote: Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Responses are considerably better, websearcher is gone. So thank you very much for the quick help. What comprehensive protection against malware do you recommend? Free, but also paid.
Thank you, Peter

Re: Please check. Slow responses, I've been infiltrated by webssea

Posted: 04 Sep 2014 19:06
by Rudy
Security suites (i.e. all-in-one) are always paid. I would recommend either Norton Internet Security or Kaspersky Internet Security. Of the free ones, Avira or Avast as AV and Zone Alarm as FW. You're welcome! :)