Dobrý den,
posílám log z RSITu ze staršího PC, prosím o jeho kontrolu. Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by udrzba at 2015-07-29 15:32:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:32:38 PM, on 7/29/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mncpewbSrv] C:\WINDOWS\system32\mncpewb.vbe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\inf\msstp.vbe
O4 - HKLM\..\Run: [mncjbpshlSrv] C:\WINDOWS\system32\mncjbpshl.vbe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 16081 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents [2015-06-24 63]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"mncpewbSrv"=C:\WINDOWS\system32\mncpewb.vbe [2014-03-05 7670]
"MSStp"=C:\WINDOWS\inf\msstp.vbe [2014-03-05 1584]
"mncjbpshlSrv"=C:\WINDOWS\system32\mncjbpshl.vbe [2014-03-05 7670]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-04-18 39408]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:26:39 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-29 13:26:29 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-29 09:03:03 ----D---- C:\Program Files\McAfee Security Scan
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-29 15:32:37 ----D---- C:\WINDOWS\Prefetch
2015-07-29 15:32:30 ----D---- C:\Program Files
2015-07-29 15:28:13 ----D---- C:\WINDOWS\TEMP
2015-07-29 13:34:54 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-29 13:32:27 ----A---- C:\WINDOWS\ET94.ini
2015-07-29 13:27:14 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-29 13:26:39 ----D---- C:\WINDOWS\system32
2015-07-29 13:25:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:54 ----D---- C:\WINDOWS
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:43:36 ----A---- C:\WINDOWS\SIM94.ini
2015-07-29 12:42:05 ----SHD---- C:\WINDOWS\Installer
2015-07-29 12:42:04 ----SHD---- C:\Config.Msi
2015-07-29 12:42:00 ----D---- C:\WINDOWS\WinSxS
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 10:35:09 ----HD---- C:\WINDOWS\inf
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
2015-07-04 22:24:43 ----A---- C:\WINDOWS\ENG_KS98.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 ab8fnogs;ab8fnogs; C:\WINDOWS\system32\drivers\ab8fnogs.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [2015-06-26 235696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
log z ADWCleaneru
# AdwCleaner v4.208 - Logfile created 29/07/2015 at 19:08:36
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : udrzba - OT801524D
# Running from : D:\Dokumenty\Downloads\adwcleaner_4.208 (1).exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Avg_Update_0814tb
File Deleted : C:\Documents and Settings\elektro\Application Data\Opera Software\Opera Stable\databases\chrome-extension_bbglkiiiofelplniblholffbhhjmdhhi_0
File Deleted : C:\Documents and Settings\elektro\Application Data\Opera Software\Opera Stable\Local Extension Settings\bbglkiiiofelplniblholffbhhjmdhhi
File Deleted : C:\Documents and Settings\udrzba\Application Data\Opera Software\Opera Stable\databases\chrome-extension_bbglkiiiofelplniblholffbhhjmdhhi_0
File Deleted : C:\Documents and Settings\udrzba\Application Data\Opera Software\Opera Stable\Local Extension Settings\bbglkiiiofelplniblholffbhhjmdhhi
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Google Chrome v43.0.2357.132
-\\ Opera v30.0.1835.125
*************************
AdwCleaner[R0].txt - [21485 bytes] - [29/07/2015 13:09:21]
AdwCleaner[R1].txt - [21545 bytes] - [29/07/2015 13:18:05]
AdwCleaner[R2].txt - [1724 bytes] - [29/07/2015 19:03:02]
AdwCleaner[S0].txt - [21472 bytes] - [29/07/2015 13:21:28]
AdwCleaner[S1].txt - [1661 bytes] - [29/07/2015 19:08:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1720 bytes] ##########
# AdwCleaner v4.208 - Logfile created 29/07/2015 at 19:08:36
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : udrzba - OT801524D
# Running from : D:\Dokumenty\Downloads\adwcleaner_4.208 (1).exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Avg_Update_0814tb
File Deleted : C:\Documents and Settings\elektro\Application Data\Opera Software\Opera Stable\databases\chrome-extension_bbglkiiiofelplniblholffbhhjmdhhi_0
File Deleted : C:\Documents and Settings\elektro\Application Data\Opera Software\Opera Stable\Local Extension Settings\bbglkiiiofelplniblholffbhhjmdhhi
File Deleted : C:\Documents and Settings\udrzba\Application Data\Opera Software\Opera Stable\databases\chrome-extension_bbglkiiiofelplniblholffbhhjmdhhi_0
File Deleted : C:\Documents and Settings\udrzba\Application Data\Opera Software\Opera Stable\Local Extension Settings\bbglkiiiofelplniblholffbhhjmdhhi
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Google Chrome v43.0.2357.132
-\\ Opera v30.0.1835.125
*************************
AdwCleaner[R0].txt - [21485 bytes] - [29/07/2015 13:09:21]
AdwCleaner[R1].txt - [21545 bytes] - [29/07/2015 13:18:05]
AdwCleaner[R2].txt - [1724 bytes] - [29/07/2015 19:03:02]
AdwCleaner[S0].txt - [21472 bytes] - [29/07/2015 13:21:28]
AdwCleaner[S1].txt - [1661 bytes] - [29/07/2015 19:08:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1720 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Nový log z RSITu
Logfile of random's system information tool 1.10 (written by random/random)
Run by udrzba at 2015-07-29 21:15:32
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:15:37 PM, on 7/29/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mncpewbSrv] C:\WINDOWS\system32\mncpewb.vbe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\inf\msstp.vbe
O4 - HKLM\..\Run: [mncjbpshlSrv] C:\WINDOWS\system32\mncjbpshl.vbe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 16081 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents [2015-06-24 63]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"mncpewbSrv"=C:\WINDOWS\system32\mncpewb.vbe [2014-03-05 7670]
"MSStp"=C:\WINDOWS\inf\msstp.vbe [2014-03-05 1584]
"mncjbpshlSrv"=C:\WINDOWS\system32\mncjbpshl.vbe [2014-03-05 7670]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-04-18 39408]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-29 19:13:05 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-29 19:12:55 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-29 09:03:03 ----D---- C:\Program Files\McAfee Security Scan
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-29 21:14:49 ----D---- C:\WINDOWS\TEMP
2015-07-29 19:20:41 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-29 19:16:01 ----D---- C:\WINDOWS\Prefetch
2015-07-29 19:13:40 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-29 19:13:05 ----D---- C:\WINDOWS\system32
2015-07-29 19:12:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-29 15:32:30 ----D---- C:\Program Files
2015-07-29 13:32:27 ----A---- C:\WINDOWS\ET94.ini
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:54 ----D---- C:\WINDOWS
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:43:36 ----A---- C:\WINDOWS\SIM94.ini
2015-07-29 12:42:05 ----SHD---- C:\WINDOWS\Installer
2015-07-29 12:42:04 ----SHD---- C:\Config.Msi
2015-07-29 12:42:00 ----D---- C:\WINDOWS\WinSxS
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 10:35:09 ----HD---- C:\WINDOWS\inf
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
2015-07-04 22:24:43 ----A---- C:\WINDOWS\ENG_KS98.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 ar1pggfl;ar1pggfl; C:\WINDOWS\system32\drivers\ar1pggfl.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [2015-06-26 235696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by udrzba at 2015-07-29 21:15:32
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:15:37 PM, on 7/29/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [mncpewbSrv] C:\WINDOWS\system32\mncpewb.vbe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\inf\msstp.vbe
O4 - HKLM\..\Run: [mncjbpshlSrv] C:\WINDOWS\system32\mncjbpshl.vbe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 16081 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents [2015-06-24 63]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"mncpewbSrv"=C:\WINDOWS\system32\mncpewb.vbe [2014-03-05 7670]
"MSStp"=C:\WINDOWS\inf\msstp.vbe [2014-03-05 1584]
"mncjbpshlSrv"=C:\WINDOWS\system32\mncjbpshl.vbe [2014-03-05 7670]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-04-18 39408]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-29 19:13:05 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-29 19:12:55 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-29 09:03:03 ----D---- C:\Program Files\McAfee Security Scan
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-29 21:14:49 ----D---- C:\WINDOWS\TEMP
2015-07-29 19:20:41 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-29 19:16:01 ----D---- C:\WINDOWS\Prefetch
2015-07-29 19:13:40 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-29 19:13:05 ----D---- C:\WINDOWS\system32
2015-07-29 19:12:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-29 15:32:30 ----D---- C:\Program Files
2015-07-29 13:32:27 ----A---- C:\WINDOWS\ET94.ini
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:54 ----D---- C:\WINDOWS
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:43:36 ----A---- C:\WINDOWS\SIM94.ini
2015-07-29 12:42:05 ----SHD---- C:\WINDOWS\Installer
2015-07-29 12:42:04 ----SHD---- C:\Config.Msi
2015-07-29 12:42:00 ----D---- C:\WINDOWS\WinSxS
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 10:35:09 ----HD---- C:\WINDOWS\inf
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
2015-07-04 22:24:43 ----A---- C:\WINDOWS\ENG_KS98.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 ar1pggfl;ar1pggfl; C:\WINDOWS\system32\drivers\ar1pggfl.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [2015-06-26 235696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\WINDOWS\system32\mncpewb.vbe
C:\WINDOWS\inf\msstp.vbe
C:\WINDOWS\system32\mncjbpshl.vbe
C:\Program Files\Google\GoogleToolbarNotifier
C:\Program Files\McAfee Security Scan
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\WINDOWS\ET94.ini
C:\WINDOWS\SIM94.ini
C:\WINDOWS\ENG_KS98.ini
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mncpewbSrv"=-
"MSStp"=-
"mncjbpshlSrv"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
:services
ar1pggfl
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by udrzba at 2015-07-30 13:02:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:02:52 PM, on 7/30/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Skype\Updater\Updater.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O17 - HKLM\System\CCS\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 15731 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents [2015-06-24 63]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-30 12:58:01 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-30 12:53:33 ----D---- C:\_OTM
2015-07-30 06:56:34 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-30 13:00:55 ----D---- C:\WINDOWS\TEMP
2015-07-30 12:58:11 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-30 12:58:01 ----D---- C:\WINDOWS\system32
2015-07-30 12:56:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-30 12:53:58 ----D---- C:\WINDOWS
2015-07-30 12:53:58 ----D---- C:\Program Files\Google
2015-07-30 12:53:58 ----D---- C:\Program Files
2015-07-30 12:53:55 ----HD---- C:\WINDOWS\inf
2015-07-30 12:37:56 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-30 07:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-30 06:30:31 ----SHD---- C:\Config.Msi
2015-07-30 06:30:28 ----SHD---- C:\WINDOWS\Installer
2015-07-30 06:30:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-30 06:30:23 ----RSD---- C:\WINDOWS\assembly
2015-07-30 06:30:22 ----D---- C:\WINDOWS\WinSxS
2015-07-30 06:17:47 ----D---- C:\WINDOWS\Prefetch
2015-07-30 06:11:38 ----D---- C:\WINDOWS\Network Diagnostic
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 adfxvqj2;adfxvqj2; C:\WINDOWS\system32\drivers\adfxvqj2.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
a jeste log z OTM
All processes killed
========== FILES ==========
C:\WINDOWS\system32\mncpewb.vbe moved successfully.
C:\WINDOWS\inf\msstp.vbe moved successfully.
C:\WINDOWS\system32\mncjbpshl.vbe moved successfully.
C:\Program Files\Google\GoogleToolbarNotifier\5.12.11510.1228 folder moved successfully.
C:\Program Files\Google\GoogleToolbarNotifier folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.149\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.149 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
C:\WINDOWS\ET94.ini moved successfully.
C:\WINDOWS\SIM94.ini moved successfully.
C:\WINDOWS\ENG_KS98.ini moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mncpewbSrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mncjbpshlSrv deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named ar1pggfl was found to stop!
Service\Driver key ar1pggfl not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: elektro
->Temp folder emptied: 17199 bytes
->Temporary Internet Files folder emptied: 70726 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: udrzba
->Temp folder emptied: 2272958 bytes
->Temporary Internet Files folder emptied: 6590966 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 14496632 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 285228718 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 246758873 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 531.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: elektro
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: udrzba
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 07302015_125333
Files moved on Reboot...
File move failed. C:\WINDOWS\temp\BtwEventTrace_5_6_0_5600.etl scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Run by udrzba at 2015-07-30 13:02:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:02:52 PM, on 7/30/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Skype\Updater\Updater.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O17 - HKLM\System\CCS\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 15731 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents [2015-06-24 63]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-29 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-30 12:58:01 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-30 12:53:33 ----D---- C:\_OTM
2015-07-30 06:56:34 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-30 13:00:55 ----D---- C:\WINDOWS\TEMP
2015-07-30 12:58:11 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-30 12:58:01 ----D---- C:\WINDOWS\system32
2015-07-30 12:56:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-30 12:53:58 ----D---- C:\WINDOWS
2015-07-30 12:53:58 ----D---- C:\Program Files\Google
2015-07-30 12:53:58 ----D---- C:\Program Files
2015-07-30 12:53:55 ----HD---- C:\WINDOWS\inf
2015-07-30 12:37:56 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-30 07:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-30 06:30:31 ----SHD---- C:\Config.Msi
2015-07-30 06:30:28 ----SHD---- C:\WINDOWS\Installer
2015-07-30 06:30:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-30 06:30:23 ----RSD---- C:\WINDOWS\assembly
2015-07-30 06:30:22 ----D---- C:\WINDOWS\WinSxS
2015-07-30 06:17:47 ----D---- C:\WINDOWS\Prefetch
2015-07-30 06:11:38 ----D---- C:\WINDOWS\Network Diagnostic
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 adfxvqj2;adfxvqj2; C:\WINDOWS\system32\drivers\adfxvqj2.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
a jeste log z OTM
All processes killed
========== FILES ==========
C:\WINDOWS\system32\mncpewb.vbe moved successfully.
C:\WINDOWS\inf\msstp.vbe moved successfully.
C:\WINDOWS\system32\mncjbpshl.vbe moved successfully.
C:\Program Files\Google\GoogleToolbarNotifier\5.12.11510.1228 folder moved successfully.
C:\Program Files\Google\GoogleToolbarNotifier folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.149\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.149 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
C:\WINDOWS\ET94.ini moved successfully.
C:\WINDOWS\SIM94.ini moved successfully.
C:\WINDOWS\ENG_KS98.ini moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mncpewbSrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mncjbpshlSrv deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named ar1pggfl was found to stop!
Service\Driver key ar1pggfl not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: elektro
->Temp folder emptied: 17199 bytes
->Temporary Internet Files folder emptied: 70726 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: udrzba
->Temp folder emptied: 2272958 bytes
->Temporary Internet Files folder emptied: 6590966 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 14496632 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 285228718 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 246758873 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 531.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: elektro
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: udrzba
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 07302015_125333
Files moved on Reboot...
File move failed. C:\WINDOWS\temp\BtwEventTrace_5_6_0_5600.etl scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Ještě jednou. Do levého okna OTM zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files\Google\Google Toolbar
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
:commands
[Emptytemp]
[Emptyflash]
[Resethosts]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Nový log z RSITu
Logfile of random's system information tool 1.10 (written by random/random)
Run by udrzba at 2015-07-31 13:09:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:09:25 PM, on 7/31/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Skype\Updater\Updater.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O17 - HKLM\System\CCS\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 15332 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-31 13:05:24 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-31 13:05:14 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-30 12:53:33 ----D---- C:\_OTM
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-31 13:09:19 ----D---- C:\WINDOWS\Prefetch
2015-07-31 13:06:45 ----D---- C:\WINDOWS\TEMP
2015-07-31 13:05:59 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-31 13:05:24 ----D---- C:\WINDOWS\system32
2015-07-30 21:39:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-30 21:35:05 ----D---- C:\WINDOWS\Debug
2015-07-30 19:11:40 ----D---- C:\WINDOWS\system32\drivers\etc
2015-07-30 19:11:39 ----D---- C:\Program Files\Google
2015-07-30 13:07:07 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-30 12:53:58 ----D---- C:\WINDOWS
2015-07-30 12:53:58 ----D---- C:\Program Files
2015-07-30 12:53:55 ----HD---- C:\WINDOWS\inf
2015-07-30 07:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-30 06:30:31 ----SHD---- C:\Config.Msi
2015-07-30 06:30:28 ----SHD---- C:\WINDOWS\Installer
2015-07-30 06:30:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-30 06:30:23 ----RSD---- C:\WINDOWS\assembly
2015-07-30 06:30:22 ----D---- C:\WINDOWS\WinSxS
2015-07-30 06:11:38 ----D---- C:\WINDOWS\Network Diagnostic
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
2015-07-03 08:49:12 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 axbcfgrb;axbcfgrb; C:\WINDOWS\system32\drivers\axbcfgrb.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by udrzba at 2015-07-31 13:09:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (44%) free of 84 GB
Total RAM: 3054 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:09:25 PM, on 7/31/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Java\jre6u26\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
C:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SIEMENS\SIMATIC.NET\SimNetCom\pniopcac.exe
C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\DSClient\dsinfo\DSInfo.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe
C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Softing\Profibus Tester\PBTTray.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Skype\Updater\Updater.exe
D:\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\udrzba.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
F2 - REG:system.ini: UserInit=C:\windows\dsclient\cmi\bin\CMIAgent.exe user
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [DSInfoTool] C:\WINDOWS\DSClient\dsinfo\DSInfo.exe C:\WINDOWS\DSClient\dsinfo\ds.bgi /taskbar /accepteula
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\elektro\Application Data\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin (User 'Default user')
O4 - Startup: PBT3 Tester Scan.lnk = C:\Program Files\Softing\Profibus Tester\PBTTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit poekladae - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &oznaeený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Poeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0947301046
O17 - HKLM\System\CCS\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{024F9A4A-8736-45CB-B791-71D6D4314E96}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCAgent - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe
O23 - Service: CCEClient - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe
O23 - Service: CCEServer - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe
O23 - Service: CMI Service - Unknown owner - C:\WINDOWS\DSClient\CMI\Bin\CMI.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6u26\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OPCEnum.exe
O23 - Service: RedundancyControl - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe
O23 - Service: RedundancyState - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC S7DOS Help Service (s7oiehsx) - Siemens AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - Siemens AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: SCSFsX - SIEMENS AG - C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe
O23 - Service: SCSMonitor - SIEMENS AG - C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: U7Service - SIEMENS AG - C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe
--
End of file - 15332 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_191_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Ball Kit.job - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\udrzba\Local Settings\Application Data\Ball Kit\Bin\BallKit.dll",#3
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1376201002.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\User_Feed_Synchronization-{63DAEE05-5E96-4AAC-82BE-24B81EE2E5D2}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents [2015-06-24 63]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2009-06-10 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6u26\bin\jp2ssv.dll [2011-09-09 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6u26\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-09 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DSInfoTool"=C:\WINDOWS\DSClient\dsinfo\DSInfo.exe [2009-11-20 844648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-11-19 176152]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-11-19 145944]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-08-10 98304]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2011-12-14 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-15 2295080]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2010-06-03 102453]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-06-10 106496]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-02-03 161088]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-02-16 979104]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-11-19 142360]
"FreePDF Assistant"=C:\Program Files\FreePDF_XP\fpassist.exe [2009-09-05 385024]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]
"cz.seznam.software.szndesktop"=C:\Documents [2015-06-24 63]
"cz.seznam.software.autoupdate"=C:\Documents [2015-06-24 63]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-06-02 28785792]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\udrzba\Start Menu\Programs\Startup
PBT3 Tester Scan.lnk - C:\Program Files\Softing\Profibus Tester\PBTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-08-09 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-11-11 267776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2007 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007\Extern\ExConServer.exe:*:Enabled:SIMATIC WinCC flexible 2007 Import/Export Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\WINDOWS\system32\s7epatsx.exe"="C:\WINDOWS\system32\s7epatsx.exe:*:Enabled:Configuration of STEP 7 - Communication"
"C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe"="C:\Program Files\Systeme Helmholz\NETLink-S7-NET\NETLinklite_Config.exe:*:Enabled:Konfigurationsprogramm für ACCON-NetLink"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2007 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:LocalSubNet:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\Miniweb.exe:LocalSubNet:Enabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:LocalSubNet:Enabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:LocalSubNet:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent"
"C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe"="C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl"
"C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe"="C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer"
"C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe"="C:\Documents and Settings\udrzba\Local Settings\Temp\WZSE0.TMP\UpdatePatcher.exe:*:Enabled:MFC-Anwendung License-Key"
"C:\Program Files\SEW\SEW-Communication-Server\Secos.exe"="C:\Program Files\SEW\SEW-Communication-Server\Secos.exe:*:Enabled:SEW-Communication-Server for Movitools-Motion-Studio"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\2.0.9\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe"="C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Program Files\LANDesk\LDClient\issuser.exe"="C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Program Files\LANDesk\Shared Files\residentagent.exe"="C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe"="C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.DVSD"=pdvcodec.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\WINDOWS\system32\Notepad.exe %1
.js - open - C:\WINDOWS\system32\WScript.exe "%1" %*
.vbs - edit - C:\WINDOWS\system32\Notepad.exe %1
.vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-31 13:05:24 ----A---- C:\WINDOWS\system32\api_hook_list.dat
2015-07-31 13:05:14 ----A---- C:\WINDOWS\system32\HIPIS0e011b3.dll
2015-07-30 12:53:33 ----D---- C:\_OTM
2015-07-29 15:32:30 ----D---- C:\rsit
2015-07-29 15:32:30 ----D---- C:\Program Files\trend micro
2015-07-29 13:09:20 ----D---- C:\AdwCleaner
2015-07-06 09:59:04 ----A---- C:\ftconfig.ini
======List of files/folders modified in the last 1 month======
2015-07-31 13:09:19 ----D---- C:\WINDOWS\Prefetch
2015-07-31 13:06:45 ----D---- C:\WINDOWS\TEMP
2015-07-31 13:05:59 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-31 13:05:24 ----D---- C:\WINDOWS\system32
2015-07-30 21:39:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-30 21:35:05 ----D---- C:\WINDOWS\Debug
2015-07-30 19:11:40 ----D---- C:\WINDOWS\system32\drivers\etc
2015-07-30 19:11:39 ----D---- C:\Program Files\Google
2015-07-30 13:07:07 ----D---- C:\Documents and Settings\udrzba\Application Data\Seznam.cz
2015-07-30 12:53:58 ----D---- C:\WINDOWS
2015-07-30 12:53:58 ----D---- C:\Program Files
2015-07-30 12:53:55 ----HD---- C:\WINDOWS\inf
2015-07-30 07:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-30 06:30:31 ----SHD---- C:\Config.Msi
2015-07-30 06:30:28 ----SHD---- C:\WINDOWS\Installer
2015-07-30 06:30:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-30 06:30:23 ----RSD---- C:\WINDOWS\assembly
2015-07-30 06:30:22 ----D---- C:\WINDOWS\WinSxS
2015-07-30 06:11:38 ----D---- C:\WINDOWS\Network Diagnostic
2015-07-29 13:22:09 ----SD---- C:\WINDOWS\Tasks
2015-07-29 13:22:02 ----D---- C:\Program Files\Common Files
2015-07-29 13:15:34 ----D---- C:\Documents and Settings\udrzba\Application Data\Skype
2015-07-29 13:11:42 ----SHD---- C:\WINDOWS\CSC
2015-07-29 13:06:11 ----D---- C:\WINDOWS\system32\config
2015-07-29 13:02:57 ----D---- C:\Program Files\Opera
2015-07-29 12:44:50 ----D---- C:\WINDOWS\system
2015-07-29 12:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\tmp
2015-07-29 09:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2015-07-29 08:59:15 ----D---- C:\WINDOWS\system32\cache
2015-07-12 11:00:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2015-07-10 08:26:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-10 06:03:08 ----D---- C:\Quarantine
2015-07-08 09:51:42 ----A---- C:\WINDOWS\system32\KevlarSigs.dll
2015-07-03 08:49:12 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2009-08-31 184888]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-04-28 140544]
R0 FirePM;McAfee HIP Component FirePM; C:\WINDOWS\system32\Drivers\FirePM.sys [2010-02-16 138528]
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2011-01-06 25144]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2011-05-20 461592]
R0 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-02-16 343920]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2006-04-24 100736]
R0 nvraid;NVIDIA nForce(tm) RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2006-04-24 82944]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2015-03-02 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINDOWS\system32\Drivers\FireTDI.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\Mfetdik.sys [2010-02-16 64208]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2010-01-09 28331]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Peakcan;Peakcan; C:\WINDOWS\System32\Drivers\Peakcan.sys [2006-10-10 175248]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2014-01-16 77312]
R2 S7oppilx;Siemens PC/PPI Cable; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2014-01-16 131584]
R2 s7osmcax;s7osmcax; C:\WINDOWS\System32\Drivers\s7osmcax.sys [2014-01-16 185856]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2014-01-16 509440]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2014-01-16 183808]
R2 s7ousbu32x;SIMATIC USB Service; C:\WINDOWS\system32\DRIVERS\s7ousbu32x.sys [2014-01-16 124672]
R2 s7sn2srtx;PROFINET IO RT-Protocol V2.0; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [2012-05-09 69848]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2013-10-28 276192]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2011-01-06 32440]
R3 AESTAud;IDT AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-08-10 6407680]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-18 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-14 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-07-23 932136]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-18 118440]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-07-23 51752]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c5132.sys [2010-12-21 174248]
R3 FirehkMP;FirehkMP; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINDOWS\system32\drivers\firelm01.sys []
R3 fwkbdrtm;fwkbdrtm; \??\C:\WINDOWS\system32\drivers\fwkbdrtm.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HIPK;McAfee Inc. HIPK; C:\WINDOWS\system32\drivers\HIPK.sys [2010-02-16 107896]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINDOWS\system32\drivers\HIPPSK.sys [2010-02-16 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINDOWS\system32\drivers\HIPQK.sys [2010-02-16 35584]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-06-25 41216]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-01-31 144472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MEI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-02-16 75704]
R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-27 73512]
R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-27 34408]
R3 NETwNx32;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNx32.sys [2010-12-21 7391104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2011-01-27 1660547]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-09-15 295856]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
S0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2003-09-04 132608]
S0 SAS5XSYM;SAS5XSYM; C:\WINDOWS\system32\DRIVERS\SAS5XSYM.sys [2005-11-17 92672]
S0 SI3114r;SiI-3114 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\SI3114R.sys [2003-09-22 96906]
S0 SYMMPI;SYMMPI; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2007-02-10 100096]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 axbcfgrb;axbcfgrb; C:\WINDOWS\system32\drivers\axbcfgrb.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-11-11 2171840]
S3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 260864]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mxuwdrv2;MOXA UPort 1110/1130/1150 Windows Driver; C:\WINDOWS\system32\DRIVERS\mxuwdrv2.sys [2013-05-14 59904]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Pcan_usb;PEAK PCAN_USB driver for CAN hardware; C:\WINDOWS\system32\DRIVERS\PCAN_USB.SYS [2012-01-24 470784]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2001-11-21 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2001-11-21 188416]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2014-01-16 95232]
S3 S7OUSBM32X;SIMATIC USB Device - USB Driver Service; C:\WINDOWS\system32\DRIVERS\s7ousbm32x.sys [2013-01-07 39936]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPUVCbv;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WinUSB;WinUSB Service; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2013-01-08 1183608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-08-09 638976]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-07-30 365912]
R2 CMI Service;CMI Service; C:\WINDOWS\DSClient\CMI\Bin\CMI.exe [2011-04-28 58880]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-02-16 1498224]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-02-16 35696]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6u26\bin\jqs.exe [2011-09-09 153376]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-02-03 120128]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2009-01-27 144704]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2009-06-10 49152]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-02-16 70728]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2011-10-31 69685]
R2 s7oiehsx;SIMATIC S7DOS Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2014-01-16 425696]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2014-01-16 560864]
R2 SCSMonitor;SCSMonitor; C:\Program Files\Common Files\Siemens\ace\bin\SCSMX.exe [2011-11-02 163328]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 STacSV;Audio Service; C:\Program Files\IDT\WDM\STacSV.exe [2011-01-27 274514]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CCAgent;CCAgent; C:\Program Files\Common Files\Siemens\ACE\bin\CCAgent.exe [2011-11-02 363008]
S2 CCEServer;CCEServer; C:\Program Files\Common Files\Siemens\ace\bin\CCEServer.exe [2011-11-02 245248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 CCEClient;CCEClient; C:\Program Files\Common Files\Siemens\ace\bin\CCEClient.exe [2011-11-02 264704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-03 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OPCEnum.exe [2009-02-05 139488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RedundancyControl;RedundancyControl; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyControl.exe [2011-11-02 486400]
S3 RedundancyState;RedundancyState; C:\Program Files\Common Files\Siemens\ace\bin\RedundancyState.exe [2011-11-02 198144]
S3 SCSFsX;SCSFsX; C:\Program Files\Common Files\Siemens\ACE\bin\SCSFsX.exe [2011-11-02 101888]
S3 U7Service;U7Service; C:\Program Files\Siemens\Step7\S7bin\u7csvrax.exe [2014-05-05 81344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2012-09-27 129632]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-25 2161976]
S4 UxTuneUp;AVG Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Jojo, nastala změna k lepšímu. PC šlape rychleji. I když jsou to XP a je to spíše firemní NB, tak je to mnohem lepší.
Děkuji
Děkuji
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
S tím sem příště nechoďte. Fórum viry.cz slouží home userům. Firemní PC by měli obstarávat firemní IT pracovníci, kteří jsou za to placeni a mnohdy i nadstandardně. Nemáte zač!...a je to spíše firemní NB...
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Naše oddělení IT bych raději nezmiňoval. Ti neumí ani vyměnit blbej kabel. Neumí ani pracovat se sítí. Proto se raději obrátím sem, a vím, že to bude to nejlepší. Časem, snad se mi to povede, budu pomáhat i já ostatním.
Přispějete na provoz fóra?