DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 10.0.9200.16798
Run by pc2 at 7:57:51 on 2014-03-13
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.420.1029.18.3583.2579 [GMT 1:00]
.
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\taskhost.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Trophy\Services\RVGNetworkConfiguration\RVGNetworkConfiguration.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
StartupFolder: c:\users\pc2\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{312AAFB0-4B6C-427A-AB98-F9550A943838} : DHCPNameServer = 10.0.0.138
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 CORLOG;CORLOG;c:\windows\system32\drivers\corlog.sys [2011-4-29 3104]
R0 CORPCI;CORPCI;c:\windows\system32\drivers\corpci.sys [2011-4-29 10112]
R1 CORSERIAL;CORSERIAL;c:\windows\system32\drivers\corserial.sys [2011-4-29 45880]
R1 mvcntp;mvcntp;c:\windows\system32\drivers\mvcntp.sys [2011-4-29 111872]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-1-12 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-12-21 41336]
R2 MSSQL$DENTIST32;SQL Server (DENTIST32);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408]
R2 RVGNetworkConfigurationService;RVG Network Configuration Service;c:\program files\common files\trophy\services\rvgnetworkconfiguration\RVGNetworkConfiguration.exe [2010-4-9 40960]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2011-2-8 5120]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-4-10 211984]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-12-9 1077760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ifccsc21;ifccsc21;c:\windows\system32\ifccsc21.exe --> c:\windows\system32\ifccsc21.exe [?]
S3 RVG6Driver;Kodak Trophy RVG Driver;c:\windows\system32\drivers\RVG6USB.sys [2010-12-15 159808]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-9 52224]
S3 WatAdminSvc;Sluba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-17 1343400]
.
=============== Created Last 30 ================
.
2014-03-13 06:21:02	--------	d-----w-	C:\$RECYCLE.BIN
2014-03-13 06:17:48	--------	d-----w-	c:\users\pc2\appdata\local\temp
2014-03-13 06:14:13	62576	----a-w-	c:\programdata\microsoft\windows defender\definition updates\{9bdd512c-83af-44e9-84a7-46b8c7837c04}\offreg.dll
2014-03-13 06:05:01	98816	----a-w-	c:\windows\sed.exe
2014-03-13 06:05:01	256000	----a-w-	c:\windows\PEV.exe
2014-03-13 06:05:01	208896	----a-w-	c:\windows\MBR.exe
2014-03-13 05:55:43	--------	d-----w-	C:\Veronika.KOS
2014-03-13 05:55:43	--------	d-----w-	c:\users\pc2\appdata\local\GHISLER
2014-03-12 19:24:00	545	----a-w-	c:\windows\UC.PIF
2014-03-12 19:24:00	545	----a-w-	c:\windows\RAR.PIF
2014-03-12 19:24:00	545	----a-w-	c:\windows\LHA.PIF
2014-03-12 19:24:00	545	----a-w-	c:\windows\ARJ.PIF
2014-03-12 19:24:00	--------	d-----w-	c:\users\pc2\appdata\roaming\GHISLER
2014-03-12 19:24:00	--------	d-----w-	C:\totalcmd
2014-03-12 19:19:24	--------	d-----w-	c:\users\pc2\appdata\roaming\TeraCopy
2014-03-12 19:19:20	--------	d-----w-	c:\program files\TeraCopy
2014-03-12 13:39:32	83456	----a-w-	c:\windows\system32\WKLxIpU.exe
2014-03-12 13:22:42	--------	d-----w-	c:\users\pc2\appdata\roaming\Malwarebytes
2014-03-12 13:22:30	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-03-12 13:22:30	--------	d-----w-	c:\programdata\Malwarebytes
2014-03-12 13:22:30	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2014-03-12 13:22:16	--------	d-----w-	c:\users\pc2\appdata\local\Programs
2014-03-07 13:11:37	7947048	----a-w-	c:\programdata\microsoft\windows defender\definition updates\{9bdd512c-83af-44e9-84a7-46b8c7837c04}\mpengine.dll
2014-02-27 13:24:59	--------	d-----w-	c:\windows\Migration
2014-02-14 14:08:04	523776	----a-w-	c:\windows\system32\vbscript.dll
2014-02-14 05:57:28	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-02-14 05:57:28	1237504	----a-w-	c:\windows\system32\msxml3.dll
2014-02-14 05:57:19	3419136	----a-w-	c:\windows\system32\d2d1.dll
2014-02-14 05:57:19	1987584	----a-w-	c:\windows\system32\d3d10warp.dll
2014-02-14 05:57:17	594944	----a-w-	c:\windows\system32\RMActivate_isv.exe
2014-02-14 05:57:17	572416	----a-w-	c:\windows\system32\RMActivate.exe
2014-02-14 05:57:17	508928	----a-w-	c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-14 05:57:16	87040	----a-w-	c:\windows\system32\secproc_ssp_isv.dll
2014-02-14 05:57:16	87040	----a-w-	c:\windows\system32\secproc_ssp.dll
2014-02-14 05:57:16	510976	----a-w-	c:\windows\system32\RMActivate_ssp.exe
2014-02-14 05:57:16	428032	----a-w-	c:\windows\system32\secproc.dll
2014-02-14 05:57:16	423936	----a-w-	c:\windows\system32\secproc_isv.dll
2014-02-14 05:57:16	390144	----a-w-	c:\windows\system32\msdrm.dll
.
==================== Find3M  ====================
.
2014-03-12 13:19:07	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 13:19:07	692616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-02-01 07:58:31	1767936	----a-w-	c:\windows\system32\wininet.dll
2014-02-01 07:57:20	2877952	----a-w-	c:\windows\system32\jscript9.dll
2014-02-01 07:57:16	61440	----a-w-	c:\windows\system32\iesetup.dll
2014-02-01 07:57:16	109056	----a-w-	c:\windows\system32\iesysprep.dll
2014-02-01 07:34:53	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2014-02-01 06:38:03	71680	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-12-18 05:13:56	231584	------w-	c:\windows\system32\MpSigStub.exe
.
============= FINISH:  7:58:28,77 ===============
