Logfile of random's system information tool 1.09 (written by random/random)
Run by ROMAN at 2011-07-23 19:11:10
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 22 GB (11%) free of 191 GB
Total RAM: 2046 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:11:16, on 23.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Fox Magic\ScreenVirtuoso Pro 2.00\dxlock.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe
C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe
C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
C:\Program Files\trend micro\ROMAN.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14597
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [iTraffic Monitor] C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe
O4 - HKLM\..\Run: [Standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKCU\..\Run: [PhoneDaemon] C:\Users\ROMAN\Desktop\iPhone PC Suite\PhoneDaemon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AlSrvN] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [dxlock] C:\Program Files (x86)\Fox Magic\ScreenVirtuoso Pro 2.00\dxlock.exe
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Image Retriever.lnk = C:\Program Files (x86)\ScanSoft\PaperPort\xdcla.exe
O8 - Extra context menu item: &Stáhnout všechno FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {0427F569-3D57-4F10-B9FB-8D71A6A7BE24} (FormelEditor Control) - file:///C:/Users/ROMAN/AppData/Local/Temp/KJPL60/frmeditor.ocx
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Cerberus FTP Server - Cerberus, LLC - C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EWA net DB Core - Transaction Software, D 81829 Munich - C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe
O23 - Service: EWA net DB EPC - Transaction Software, D 81829 Munich - C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe
O23 - Service: EWA net DB WIS - Transaction Software, D 81829 Munich - C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe
O23 - Service: EWA net Server - Alexandria Software Consulting - C:\Program Files (x86)\EWA net\server\bin\tomcat.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17601 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x308
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Fox Magic\ScreenVirtuoso Pro 2.00\dxlock.exe"
"C:\Program Files\WinFast\WFDTV\WFWIZ.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe"
"C:\Program Files\WinFast\WFDTV\DTVSchdl.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {974D04A6-4F63-4DBB-B335-C7F516634C72}
"C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe" -Service
"C:\ASUS.SYS\config\DVMExportService.exe"
"C:\Program Files (x86)\EWA net\database\TransBase EWA\tbmux32.exe"
"C:\Program Files (x86)\EWA net\database\TransBase EPC\tbmux32.exe"
"C:\Program Files (x86)\EWA net\database\TransBase WIS\tbmux32.exe"
"C:\Program Files (x86)\EWA net\server\bin\tomcat.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
"C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe" -Embedding
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sFORDECATDB
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe"
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe"
WLIDSvcM.exe 4004
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\EWA net\database\TransBase EWA\tbkern32.exe" -dedi 32677 -inactivity 0
"C:\Program Files (x86)\EWA net\database\TransBase EPC\tbkern32.exe" -dedi 47084 -inactivity 0 -crypt
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox 3\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox 3\plugin-container.exe" --channel=4256.fe75020.104814739 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.6.0 -greomni "C:\Program Files (x86)\Mozilla Firefox 3\omni.jar" 4256 "\\.\pipe\gecko-crash-server-pipe.4256" plugin
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -RESTART
"D:\XXX\5.7.11\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001Core1cc04adfeaaf61.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-876401281-3636213226-3406816674-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "file://///WL-500GPV2/part0/intra/index.html"
prefs.js - "extensions.enabledItems" - "LogMeInClient@logmein.com:1.0.0.608, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2786678&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox 3\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox 3\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
IICAClient.xpt
C:\Program Files (x86)\Mozilla Firefox 3\plugins\
cgpcfg.dll
CgpCore.dll
confmgr.dll
ctxmui.dll
ICAClObj.class
icafile.dll
icalogon.dll
logging.dll
np-mswmp.dll
npdeployJava1.dll
npicaN.dll
nppdf32.dll
npwachk.dll
sslsdk_b.dll
TcpPServ.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox 3\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\extensions\
engine@conduit.com
LogMeInClient@logmein.com
maps@ovi.com
toolbar@ask.com
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
C:\Users\ROMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ls90gvhb.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin.xml
qipsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-06-09 45568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\ROMAN\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]
SnapFlash Class - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll [2002-12-03 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~2\FlashGet\fgiebar.dll [2005-06-07 86016]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2010-01-27 57928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe []
"PhoneDaemon"=C:\Users\ROMAN\Desktop\iPhone PC Suite\PhoneDaemon.exe []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AlSrvN"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe [2010-02-06 53760]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"dxlock"=C:\Program Files (x86)\Fox Magic\ScreenVirtuoso Pro 2.00\dxlock.exe [2005-07-26 90112]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-08-11 2920448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\602PC SUITE PDF Saver]
C:\Program Files (x86)\Common Files\soft602\pdfSaver.exe [2005-08-31 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-12-14 47904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
C:\Program Files (x86)\ABBYY FineReader 7.0 Professional Edition\ABBYYNewsReader.exe [2005-01-23 290816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
C:\Program Files (x86)\FlashGet Network\FlashGet universal\flashget.exe /min []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\ROMAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-25 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-01-25 421160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-02-22 1226024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3]
c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files (x86)\CyberLink\PlayMovie\PMVService.exe [2008-09-24 172032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\ROMAN\AppData\Roaming\QipGuard\QipGuard.exe [2010-06-09 187904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
C:\Program Files (x86)\CyberLink\TV Enhance\TVEService.exe [2008-10-23 180224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-08-11 2920448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2011-06-08 101888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ROMAN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-24 2245120]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-07-04 3493720]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-03 98304]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"pdfSaver3"= []
"TurboV EVO"=C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [2009-09-10 7322624]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]
"iTraffic Monitor"=C:\Program Files (x86)\iTraffic Monitor\iTrafficMon.exe [2009-04-22 942080]
"TaskTray"= []
"Standby"=c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [2010-06-26 105632]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2011-06-08 101888]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-02-06 170496]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Image Retriever.lnk - C:\Program Files (x86)\ScanSoft\PaperPort\xdcla.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\FIREFOX STAHOVANI\facebook-pic000934519.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-07-23 19:04:49 ----D---- C:\Program Files\trend micro
2011-07-23 19:04:47 ----D---- C:\rsit
2011-07-21 17:50:05 ----A---- C:\Windows\SYSWOW64\unicows.dll
2011-07-13 10:40:16 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 10:40:15 ----A---- C:\Windows\system32\wow64win.dll
2011-07-13 10:40:15 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 10:40:14 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 10:40:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-13 10:40:12 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-13 10:40:12 ----A---- C:\Windows\system32\wow64.dll
2011-07-13 10:40:11 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-13 10:40:11 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-13 10:40:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-13 10:40:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-13 10:40:10 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-13 10:40:06 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-13 10:36:04 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 10:35:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-13 10:35:51 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 10:35:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 10:35:49 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 10:35:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 10:35:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 10:35:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 10:35:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 10:35:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 10:35:43 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 10:35:42 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 10:34:34 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-13 10:34:33 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-13 10:34:29 ----A---- C:\Windows\system32\win32k.sys
2011-07-12 10:45:09 ----D---- C:\Program Files (x86)\Ask.com
2011-07-07 10:32:34 ----D---- C:\Program Files (x86)\CamStudio
2011-07-07 10:28:12 ----A---- C:\Windows\SYSWOW64\fmcodec.DLL
2011-07-07 10:28:11 ----D---- C:\Program Files (x86)\Fox Magic
2011-07-06 10:12:42 ----D---- C:\Windows\system32\SPReview
2011-07-06 10:10:00 ----D---- C:\Windows\system32\EventProviders
2011-07-06 10:03:18 ----D---- C:\Windows\pss
2011-07-04 16:15:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-07-04 16:15:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-07-04 16:15:18 ----A---- C:\Windows\SYSWOW64\java.exe
2011-07-03 17:02:01 ----A---- C:\Windows\system32\vpc.exe
2011-07-03 17:02:01 ----A---- C:\Windows\system32\netfxperf.dll
2011-07-03 17:02:01 ----A---- C:\Windows\system32\dfshim.dll
2011-07-03 17:01:54 ----A---- C:\Windows\system32\VPCWizard.exe
2011-07-03 17:01:54 ----A---- C:\Windows\system32\VPCSettings.exe
2011-07-03 17:01:54 ----A---- C:\Windows\system32\VMCPropertyHandler.dll
2011-07-03 17:01:53 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-07-03 17:01:52 ----A---- C:\Windows\system32\VMWindow.exe
2011-07-03 17:01:52 ----A---- C:\Windows\system32\vmsal.exe
2011-07-03 17:01:50 ----A---- C:\Windows\system32\drivers\vpcvmm.sys
2011-07-03 17:01:49 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-07-03 17:01:48 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-07-03 17:01:48 ----A---- C:\Windows\system32\mstscax.dll
2011-07-03 17:01:47 ----A---- C:\Windows\system32\d3d10warp.dll
2011-07-03 17:01:41 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-07-03 17:01:35 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-07-03 17:01:33 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-07-03 17:01:33 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-07-03 17:01:33 ----A---- C:\Windows\system32\tssrvlic.dll
2011-07-03 17:01:33 ----A---- C:\Windows\system32\sysmain.dll
2011-07-03 17:01:33 ----A---- C:\Windows\system32\RDVGHelper.exe
2011-07-03 17:01:32 ----A---- C:\Windows\system32\rdpcorets.dll
2011-07-03 17:01:31 ----A---- C:\Windows\system32\shell32.dll
2011-07-03 17:01:30 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2011-07-03 17:01:29 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-07-03 17:01:27 ----A---- C:\Windows\SYSWOW64\vmsal.exe
2011-07-03 17:01:26 ----A---- C:\Windows\system32\wmp.dll
2011-07-03 17:01:23 ----A---- C:\Windows\system32\ntdll.dll
2011-07-03 17:01:23 ----A---- C:\Windows\system32\mscoree.dll
2011-07-03 17:01:22 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-07-03 17:01:19 ----A---- C:\Windows\system32\secproc_isv.dll
2011-07-03 17:01:19 ----A---- C:\Windows\system32\mf.dll
2011-07-03 17:01:17 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2011-07-03 17:01:17 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-07-03 17:01:16 ----A---- C:\Windows\system32\secproc.dll
2011-07-03 17:01:16 ----A---- C:\Windows\system32\RMActivate.exe
2011-07-03 17:01:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-07-03 17:01:15 ----A---- C:\Windows\system32\xpsservices.dll
2011-07-03 17:01:13 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2011-07-03 17:01:11 ----A---- C:\Windows\SYSWOW64\secproc.dll
2011-07-03 17:01:11 ----A---- C:\Windows\system32\rpcrt4.dll
2011-07-03 17:01:10 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2011-07-03 17:01:10 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2011-07-03 17:01:10 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2011-07-03 17:01:09 ----A---- C:\Windows\system32\schedsvc.dll
2011-07-03 17:01:09 ----A---- C:\Windows\system32\ole32.dll
2011-07-03 17:01:08 ----A---- C:\Windows\system32\spwizui.dll
2011-07-03 17:01:07 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-07-03 17:01:06 ----A---- C:\Windows\system32\taskschd.dll
2011-07-03 17:01:06 ----A---- C:\Windows\system32\RacEngn.dll
2011-07-03 17:01:06 ----A---- C:\Windows\system32\diagperf.dll
2011-07-03 17:01:05 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-07-03 17:01:05 ----A---- C:\Windows\system32\wevtsvc.dll
2011-07-03 17:01:05 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-07-03 17:01:04 ----A---- C:\Windows\system32\vssapi.dll
2011-07-03 17:01:03 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2011-07-03 17:01:03 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-07-03 17:01:03 ----A---- C:\Windows\system32\msxml3.dll
2011-07-03 17:01:03 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-07-03 17:01:01 ----A---- C:\Windows\system32\UIRibbon.dll
2011-07-03 17:01:01 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-07-03 17:00:58 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-07-03 17:00:56 ----A---- C:\Windows\system32\WsmSvc.dll
2011-07-03 17:00:55 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-07-03 17:00:55 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-07-03 17:00:55 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-07-03 17:00:55 ----A---- C:\Windows\system32\rdpudd.dll
2011-07-03 17:00:55 ----A---- C:\Windows\system32\rdpdd.dll
2011-07-03 17:00:55 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-07-03 17:00:55 ----A---- C:\Windows\system32\PresentationHost.exe
2011-07-03 17:00:54 ----A---- C:\Windows\system32\spreview.exe
2011-07-03 17:00:54 ----A---- C:\Windows\system32\spinstall.exe
2011-07-03 17:00:54 ----A---- C:\Windows\system32\MPSSVC.dll
2011-07-03 17:00:53 ----A---- C:\Windows\system32\WinSAT.exe
2011-07-03 17:00:53 ----A---- C:\Windows\system32\drivers\vpchbus.sys
2011-07-03 17:00:53 ----A---- C:\Windows\system32\drivers\vpcusb.sys
2011-07-03 17:00:53 ----A---- C:\Windows\system32\CertEnroll.dll
2011-07-03 17:00:52 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-07-03 17:00:51 ----A---- C:\Windows\system32\msxml6.dll
2011-07-03 17:00:51 ----A---- C:\Windows\system32\d3d9.dll
2011-07-03 17:00:50 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2011-07-03 17:00:50 ----A---- C:\Windows\system32\SearchFolder.dll
2011-07-03 17:00:50 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-07-03 17:00:49 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2011-07-03 17:00:49 ----A---- C:\Windows\system32\gpsvc.dll
2011-07-03 17:00:49 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-07-03 17:00:48 ----A---- C:\Windows\system32\VSSVC.exe
2011-07-03 17:00:48 ----A---- C:\Windows\system32\dwmcore.dll
2011-07-03 17:00:47 ----A---- C:\Windows\system32\drivers\http.sys
2011-07-03 17:00:47 ----A---- C:\Windows\system32\dbgeng.dll
2011-07-03 17:00:46 ----A---- C:\Windows\SYSWOW64\rdvgumd32.dll
2011-07-03 17:00:46 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-07-03 17:00:45 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-07-03 17:00:45 ----A---- C:\Windows\system32\crypt32.dll
2011-07-03 17:00:44 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-07-03 17:00:44 ----A---- C:\Windows\system32\actxprxy.dll
2011-07-03 17:00:43 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-07-03 17:00:43 ----A---- C:\Windows\system32\schannel.dll
2011-07-03 17:00:43 ----A---- C:\Windows\system32\qmgr.dll
2011-07-03 17:00:43 ----A---- C:\Windows\system32\lsasrv.dll
2011-07-03 17:00:43 ----A---- C:\Windows\system32\gpprefcl.dll
2011-07-03 17:00:43 ----A---- C:\Windows\system32\audiosrv.dll
2011-07-03 17:00:42 ----A---- C:\Windows\system32\termsrv.dll
2011-07-03 17:00:41 ----A---- C:\Windows\system32\sqmapi.dll
2011-07-03 17:00:41 ----A---- C:\Windows\system32\mstsc.exe
2011-07-03 17:00:40 ----A---- C:\Windows\system32\netlogon.dll
2011-07-03 17:00:40 ----A---- C:\Windows\system32\imapi2fs.dll
2011-07-03 17:00:40 ----A---- C:\Windows\system32\drivers\vpcnfltr.sys
2011-07-03 17:00:39 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2011-07-03 17:00:39 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2011-07-03 17:00:39 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2011-07-03 17:00:39 ----A---- C:\Windows\system32\winhttp.dll
2011-07-03 17:00:39 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-07-03 17:00:39 ----A---- C:\Windows\system32\msv1_0.dll
2011-07-03 17:00:39 ----A---- C:\Windows\system32\d3d11.dll
2011-07-03 17:00:38 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-07-03 17:00:38 ----A---- C:\Windows\system32\setupapi.dll
2011-07-03 17:00:38 ----A---- C:\Windows\system32\rpcss.dll
2011-07-03 17:00:38 ----A---- C:\Windows\system32\propsys.dll
2011-07-03 17:00:37 ----A---- C:\Windows\system32\werconcpl.dll
2011-07-03 17:00:37 ----A---- C:\Windows\system32\wbengine.exe
2011-07-03 17:00:37 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-07-03 17:00:37 ----A---- C:\Windows\system32\authui.dll
2011-07-03 17:00:36 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2011-07-03 17:00:36 ----A---- C:\Windows\system32\taskeng.exe
2011-07-03 17:00:36 ----A---- C:\Windows\system32\odbc32.dll
2011-07-03 17:00:35 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-07-03 17:00:35 ----A---- C:\Windows\system32\WSDApi.dll
2011-07-03 17:00:35 ----A---- C:\Windows\system32\user32.dll
2011-07-03 17:00:34 ----A---- C:\Windows\system32\drivers\netio.sys
2011-07-03 17:00:34 ----A---- C:\Windows\system32\dhcpcore.dll
2011-07-03 17:00:34 ----A---- C:\Windows\system32\certmgr.dll
2011-07-03 17:00:33 ----A---- C:\Windows\SYSWOW64\wer.dll
2011-07-03 17:00:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-07-03 17:00:33 ----A---- C:\Windows\system32\webio.dll
2011-07-03 17:00:33 ----A---- C:\Windows\system32\umrdp.dll
2011-07-03 17:00:33 ----A---- C:\Windows\system32\scavengeui.dll
2011-07-03 17:00:33 ----A---- C:\Windows\system32\LSCSHostPolicy.dll
2011-07-03 17:00:33 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-07-03 17:00:33 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-07-03 17:00:32 ----A---- C:\Windows\SYSWOW64\certcli.dll
2011-07-03 17:00:32 ----A---- C:\Windows\system32\tsmf.dll
2011-07-03 17:00:32 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-07-03 17:00:32 ----A---- C:\Windows\system32\localspl.dll
2011-07-03 17:00:31 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-07-03 17:00:31 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2011-07-03 17:00:31 ----A---- C:\Windows\system32\shlwapi.dll
2011-07-03 17:00:31 ----A---- C:\Windows\system32\ncsi.dll
2011-07-03 17:00:31 ----A---- C:\Windows\system32\msdrm.dll
2011-07-03 17:00:30 ----A---- C:\Windows\system32\netshell.dll
2011-07-03 17:00:30 ----A---- C:\Windows\system32\msdtctm.dll
2011-07-03 17:00:30 ----A---- C:\Windows\system32\framedynos.dll
2011-07-03 17:00:29 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2011-07-03 17:00:29 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-07-03 17:00:29 ----A---- C:\Windows\system32\ws2_32.dll
2011-07-03 17:00:29 ----A---- C:\Windows\system32\winlogon.exe
2011-07-03 17:00:29 ----A---- C:\Windows\system32\rdpshell.exe
2011-07-03 17:00:29 ----A---- C:\Windows\system32\netcfgx.dll
2011-07-03 17:00:29 ----A---- C:\Windows\system32\drivers\cng.sys
2011-07-03 17:00:29 ----A---- C:\Windows\system32\appmgr.dll
2011-07-03 17:00:28 ----A---- C:\Windows\system32\usp10.dll
2011-07-03 17:00:28 ----A---- C:\Windows\system32\quartz.dll
2011-07-03 17:00:28 ----A---- C:\Windows\system32\nlasvc.dll
2011-07-03 17:00:28 ----A---- C:\Windows\system32\lsm.exe
2011-07-03 17:00:28 ----A---- C:\Windows\system32\comdlg32.dll
2011-07-03 17:00:27 ----A---- C:\Windows\SYSWOW64\quartz.dll
2011-07-03 17:00:27 ----A---- C:\Windows\system32\wmpps.dll
2011-07-03 17:00:27 ----A---- C:\Windows\system32\dxgi.dll
2011-07-03 17:00:27 ----A---- C:\Windows\system32\drivers\csc.sys
2011-07-03 17:00:27 ----A---- C:\Windows\system32\apphelp.dll
2011-07-03 17:00:26 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2011-07-03 17:00:26 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-07-03 17:00:25 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-07-03 17:00:25 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2011-07-03 17:00:25 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2011-07-03 17:00:25 ----A---- C:\Windows\system32\wpdshext.dll
2011-07-03 17:00:25 ----A---- C:\Windows\system32\Query.dll
2011-07-03 17:00:25 ----A---- C:\Windows\system32\mswsock.dll
2011-07-03 17:00:25 ----A---- C:\Windows\system32\azroles.dll
2011-07-03 17:00:24 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2011-07-03 17:00:24 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2011-07-03 17:00:24 ----A---- C:\Windows\system32\Vault.dll
2011-07-03 17:00:24 ----A---- C:\Windows\system32\QAGENT.DLL
2011-07-03 17:00:24 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-07-03 17:00:24 ----A---- C:\Windows\system32\BFE.DLL
2011-07-03 17:00:23 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2011-07-03 17:00:23 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2011-07-03 17:00:23 ----A---- C:\Windows\system32\win32spl.dll
2011-07-03 17:00:23 ----A---- C:\Windows\system32\samsrv.dll
2011-07-03 17:00:23 ----A---- C:\Windows\system32\lpksetup.exe
2011-07-03 17:00:23 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-07-03 17:00:23 ----A---- C:\Windows\system32\cmd.exe
2011-07-03 17:00:22 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2011-07-03 17:00:22 ----A---- C:\Windows\system32\cscsvc.dll
2011-07-03 17:00:21 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2011-07-03 17:00:21 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2011-07-03 17:00:21 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2011-07-03 17:00:21 ----A---- C:\Windows\system32\WebClnt.dll
2011-07-03 17:00:21 ----A---- C:\Windows\system32\rdpclip.exe
2011-07-03 17:00:20 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-07-03 17:00:20 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-07-03 17:00:20 ----A---- C:\Windows\SYSWOW64\Query.dll
2011-07-03 17:00:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-07-03 17:00:20 ----A---- C:\Windows\system32\sxs.dll
2011-07-03 17:00:20 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2011-07-03 17:00:19 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2011-07-03 17:00:19 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2011-07-03 17:00:19 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2011-07-03 17:00:19 ----A---- C:\Windows\system32\Wldap32.dll
2011-07-03 17:00:19 ----A---- C:\Windows\system32\taskcomp.dll
2011-07-03 17:00:19 ----A---- C:\Windows\system32\mfds.dll
2011-07-03 17:00:19 ----A---- C:\Windows\system32\mcbuilder.exe
2011-07-03 17:00:19 ----A---- C:\Windows\system32\cscobj.dll
2011-07-03 17:00:17 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-07-03 17:00:17 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-07-03 17:00:17 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2011-07-03 17:00:17 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2011-07-03 17:00:17 ----A---- C:\Windows\system32\wuaueng.dll
2011-07-03 17:00:17 ----A---- C:\Windows\system32\pnidui.dll
2011-07-03 17:00:17 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-07-03 17:00:17 ----A---- C:\Windows\system32\hgprint.dll
2011-07-03 17:00:16 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-07-03 17:00:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2011-07-03 17:00:16 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2011-07-03 17:00:16 ----A---- C:\Windows\system32\webservices.dll
2011-07-03 17:00:16 ----A---- C:\Windows\system32\SessEnv.dll
2011-07-03 17:00:16 ----A---- C:\Windows\system32\rdpendp.dll
2011-07-03 17:00:15 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2011-07-03 17:00:15 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2011-07-03 17:00:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2011-07-03 17:00:15 ----A---- C:\Windows\system32\winsta.dll
2011-07-03 17:00:15 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-07-03 17:00:15 ----A---- C:\Windows\system32\spoolsv.exe
2011-07-03 17:00:15 ----A---- C:\Windows\system32\fveapi.dll
2011-07-03 17:00:15 ----A---- C:\Windows\system32\dot3api.dll
2011-07-03 17:00:14 ----A---- C:\Windows\SYSWOW64\usp10.dll
2011-07-03 17:00:14 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2011-07-03 17:00:14 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2011-07-03 17:00:14 ----A---- C:\Windows\system32\gdi32.dll
2011-07-03 17:00:14 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-07-03 17:00:14 ----A---- C:\Windows\system32\drivers\msrpc.sys
2011-07-03 17:00:13 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2011-07-03 17:00:13 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2011-07-03 17:00:13 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-07-03 17:00:13 ----A---- C:\Windows\system32\schtasks.exe
2011-07-03 17:00:13 ----A---- C:\Windows\system32\prncache.dll
2011-07-03 17:00:13 ----A---- C:\Windows\system32\mcmde.dll
2011-07-03 17:00:12 ----A---- C:\Windows\SYSWOW64\userenv.dll
2011-07-03 17:00:12 ----A---- C:\Windows\system32\wuapi.dll
2011-07-03 17:00:12 ----A---- C:\Windows\system32\wlanpref.dll
2011-07-03 17:00:12 ----A---- C:\Windows\system32\vpnike.dll
2011-07-03 17:00:12 ----A---- C:\Windows\system32\userenv.dll
2011-07-03 17:00:11 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2011-07-03 17:00:11 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-07-03 17:00:11 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2011-07-03 17:00:11 ----A---- C:\Windows\system32\wintrust.dll
2011-07-03 17:00:11 ----A---- C:\Windows\system32\tspubwmi.dll
2011-07-03 17:00:11 ----A---- C:\Windows\system32\photowiz.dll
2011-07-03 17:00:11 ----A---- C:\Windows\system32\evr.dll
2011-07-03 17:00:11 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-07-03 17:00:11 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-07-03 17:00:10 ----A---- C:\Windows\system32\framedyn.dll
2011-07-03 17:00:09 ----A---- C:\Windows\system32\wmpmde.dll
2011-07-03 17:00:09 ----A---- C:\Windows\system32\sppobjs.dll
2011-07-03 17:00:09 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-07-03 17:00:09 ----A---- C:\Windows\system32\FXSSVC.exe
2011-07-03 17:00:09 ----A---- C:\Windows\system32\AudioSes.dll
2011-07-03 17:00:09 ----A---- C:\Windows\system32\aepdu.dll
2011-07-03 17:00:08 ----A---- C:\Windows\SYSWOW64\cmd.exe
2011-07-03 17:00:08 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-07-03 17:00:08 ----A---- C:\Windows\system32\wmpeffects.dll
Stahněte MBAM z mého podpisu
záložka 
Přispějete na provoz fóra?