Preventivní kontrola logu

[Prochy(cz)]

Dobrý den,
notebook jede vcelku v pohodě, ale stejně pro jistotu tu přikladám log z RSITU, abych se ujistil, že tam nemám žádnou havěť. Při zapínání se mi spouští proces eni.exe a ten nevim k čemu je a blokuje mi port 80, kterej potřebuju kvůli localhostu(apache). A ještě se mi zdá, že mám celkem dost spuštěných procesů(131), tak bych rád věděl, který můžu vypnout. Před tvorbou logu sem pustil CCleaner. Předem děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Prochy at 2011-08-08 16:41:05
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 11 GB (16%) free of 69 GB
Total RAM: 2934 MB (27% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 23968192
\??\C:\Windows\system32\conhost.exe "-1541469745-1685546731-8870318022584002931373773626-251319873248149233-931082438
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\SysWOW64\lkads.exe
C:\Windows\SysWOW64\lktsrv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\National Instruments\MAX\nimxs.exe"
C:\Windows\SysWOW64\nipalsm.exe
C:\Windows\SysWOW64\nipalsm.exe
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
C:\Windows\SysWOW64\nisvcloc.exe -s
"C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe" runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" -D "C:/Program Files (x86)/PostgreSQL/8.4/data"
\??\C:\Windows\system32\conhost.exe "-836491459-2963520323478457471443194151831253687345723649-14562272772014750518
"C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe"
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\nipalsm.exe
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkboot" "868" "-x3"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkboot" "836" "-x4"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkavlauncher" "868"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkcol" "836"
"C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe"
"C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
PokerStars.exe --update
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Bluetooth®: On
WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1688475884</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\trend micro\Prochy.exe" /silentautolog
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "C:\Users\Prochy\Contacts\hlavni.php"
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\rsit\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Prochy\AppData\Roaming\Mozilla\Firefox\Profiles\y667c8df.default

prefs.js - "browser.startup.homepage" - "http://qip.ru"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.9]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPLV80Win32.dll
NPLV82Win32.dll
nplv85win32.dll
nplv86win32.dll
nplv90win32.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Prochy\AppData\Roaming\Mozilla\Firefox\Profiles\y667c8df.default\extensions\
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
{6AC85730-7D0F-4de0-B3FA-21142DD85326}

C:\Users\Prochy\AppData\Roaming\Mozilla\Firefox\Profiles\y667c8df.default\searchplugins\
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 2132232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-11 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 1471752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Prochy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-06 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-06 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-06 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1744152]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-08-23 1691192]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-07-31 489472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-08-08 1242448]
"AdobeBridge"= []
"FileHippo.com"=C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-07-18 6812032]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2009-09-02 75576]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2736128]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-08-01 3077528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
"SAOB Monitor"=C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2010-11-16 2536752]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"NI Background Service"=C:\Program Files (x86)\National Instruments\Shared\Update Service\BackgroundService.exe [2009-08-25 77824]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2011-04-08 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2011-06-07 40376]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-09-22 640440]
"Adobe_ID0ENQBO"=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"niDevMon"=C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2007-07-14 106064]
"RemoteControl11"=C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-04-20 234792]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-12-11 11265536]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-07-31 284696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Scrybe.lnk - C:\Windows\Installer\{5772FC28-D1DD-4D9D-8D7F-97C542162A41}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe

C:\Users\Prochy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Logitech . Registrace produktu.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-06 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 68376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2011-08-08 16:10:47 ----D---- C:\Program Files\trend micro
2011-08-08 16:10:46 ----D---- C:\rsit
2011-08-07 15:22:52 ----D---- C:\Program Files (x86)\Riot Games
2011-08-07 14:29:45 ----D---- C:\Program Files (x86)\PokerStars.FR
2011-08-07 14:01:04 ----D---- C:\Program Files (x86)\xRay
2011-08-06 15:47:24 ----D---- C:\Users\Prochy\AppData\Roaming\gtk-2.0
2011-08-06 15:36:00 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-08-02 23:15:15 ----A---- C:\Users\Prochy\AppData\Roaming\room_v3.dat
2011-08-02 21:17:46 ----D---- C:\Program Files (x86)\Garena
2011-08-02 17:44:07 ----A---- C:\Windows\War3Unin.pif
2011-08-02 17:44:07 ----A---- C:\Windows\War3Unin.dat
2011-08-02 17:44:06 ----A---- C:\Windows\War3Unin.exe
2011-08-02 17:43:08 ----D---- C:\Program Files (x86)\Warcraft 3
2011-08-02 12:41:38 ----D---- C:\Users\Prochy\AppData\Roaming\LolClient
2011-08-02 00:50:03 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2011-08-02 00:50:03 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2011-08-02 00:50:02 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2011-08-02 00:50:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2011-08-02 00:50:01 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-08-01 21:29:19 ----D---- C:\Program Files\Vtipálci - Kancelářská krysa
2011-08-01 20:09:47 ----D---- C:\ProgramData\PMB Files
2011-08-01 20:08:33 ----D---- C:\Program Files (x86)\Pando Networks
2011-08-01 10:33:24 ----SHD---- C:\Config.Msi
2011-08-01 10:32:12 ----D---- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2011-08-01 02:16:56 ----D---- C:\Users\Prochy\AppData\Roaming\Intel Corporation
2011-08-01 02:01:46 ----A---- C:\Windows\system32\drivers\btwrchid.sys
2011-08-01 02:01:46 ----A---- C:\Windows\system32\drivers\btwl2cap.sys
2011-08-01 02:01:46 ----A---- C:\Windows\system32\drivers\btwavdt.sys
2011-08-01 02:01:46 ----A---- C:\Windows\system32\drivers\btwaudio.sys
2011-08-01 02:00:53 ----D---- C:\Program Files\WIDCOMM
2011-08-01 02:00:39 ----D---- C:\Program Files\DIFX
2011-08-01 01:58:34 ----A---- C:\Windows\SYSWOW64\log.txt
2011-08-01 01:57:40 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2011-08-01 01:55:32 ----D---- C:\Program Files (x86)\Realtek
2011-08-01 01:55:32 ----A---- C:\Windows\system32\drivers\rtsuvc.sys
2011-08-01 01:55:32 ----A---- C:\Windows\RtsUvcUninst64.exe
2011-08-01 01:55:28 ----A---- C:\Windows\SYSWOW64\sigfile.exe
2011-07-31 23:37:51 ----A---- C:\Windows\system32\athihvs.dll
2011-07-31 23:36:43 ----D---- C:\Users\Prochy\AppData\Roaming\InstallShield
2011-07-31 23:35:39 ----A---- C:\Windows\system32\drivers\iaStor.sys
2011-07-31 23:34:45 ----N---- C:\Windows\system32\stapi64.dll
2011-07-31 23:34:30 ----A---- C:\Windows\system32\AESTEC64.dll
2011-07-31 23:34:30 ----A---- C:\Windows\system32\AESTAR64.dll
2011-07-31 23:34:30 ----A---- C:\Windows\system32\AESTAC64.dll
2011-07-31 23:34:27 ----A---- C:\Windows\system32\stlang64.dll
2011-07-31 23:34:27 ----A---- C:\Windows\system32\AESTCo64.dll
2011-07-31 23:34:27 ----A---- C:\Windows\sttray64.exe
2011-07-31 23:33:06 ----A---- C:\Windows\system32\staco64.dll
2011-07-31 23:33:05 ----A---- C:\Windows\system32\drivers\stwrt64.sys
2011-07-31 23:33:02 ----A---- C:\Windows\system32\stcplx64.dll
2011-07-31 23:33:01 ----A---- C:\Windows\system32\stapo64.dll
2011-07-31 23:32:41 ----D---- C:\Program Files\IDT
2011-07-31 23:31:29 ----D---- C:\Windows\system32\nn-NO
2011-07-31 23:31:29 ----D---- C:\Windows\Options
2011-07-31 23:31:29 ----A---- C:\Windows\system32\drivers\athrx.sys
2011-07-31 23:31:28 ----A---- C:\Windows\system32\athihvui.dll
2011-07-31 23:31:13 ----D---- C:\Program Files (x86)\Cisco
2011-07-31 23:31:13 ----D---- C:\Program Files (x86)\Atheros
2011-07-31 23:30:33 ----D---- C:\ProgramData\Atheros
2011-07-31 23:28:34 ----A---- C:\Windows\SYSWOW64\HPWA.ini
2011-07-31 23:28:34 ----A---- C:\Windows\system32\HPWA.ini
2011-07-31 23:25:16 ----A---- C:\Windows\SYSWOW64\HPPA.ini
2011-07-31 23:25:16 ----A---- C:\Windows\system32\HPPA.ini
2011-07-31 23:22:57 ----D---- C:\system.sav
2011-07-31 23:22:11 ----D---- C:\Windows\Hewlett-Packard
2011-07-31 23:21:30 ----A---- C:\Windows\SYSWOW64\VBAR332.DLL
2011-07-31 23:21:30 ----A---- C:\Windows\SYSWOW64\MSRD2X35.DLL
2011-07-31 23:21:30 ----A---- C:\Windows\SYSWOW64\MSJTER35.DLL
2011-07-31 23:21:30 ----A---- C:\Windows\SYSWOW64\MSJINT35.DLL
2011-07-31 23:21:30 ----A---- C:\Windows\SYSWOW64\MSJET35.DLL
2011-07-31 21:30:46 ----D---- C:\ProgramData\HPQLOG
2011-07-31 21:29:58 ----D---- C:\Windows\DPDrv
2011-07-31 21:29:44 ----D---- C:\ProgramData\Macrovision
2011-07-31 20:29:36 ----D---- C:\ProgramData\HP
2011-07-31 20:24:19 ----D---- C:\ProgramData\Hewlett-Packard
2011-07-31 20:22:45 ----D---- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
2011-07-31 20:17:50 ----D---- C:\SWSetup
2011-07-31 11:35:50 ----D---- C:\Program Files (x86)\Call of Duty
2011-07-31 01:32:00 ----D---- C:\Program Files (x86)\Counter Dalsi
2011-07-31 01:02:13 ----D---- C:\Program Files (x86)\Warcraft III
2011-07-29 10:03:14 ----D---- C:\Program Files (x86)\JoWooD
2011-07-26 20:47:47 ----D---- C:\Users\Prochy\AppData\Roaming\Bullzip
2011-07-26 20:47:39 ----A---- C:\Windows\SYSWOW64\bzDCT.dll
2011-07-26 20:47:38 ----D---- C:\Program Files (x86)\Bullzip
2011-07-26 13:46:10 ----A---- C:\Windows\system32\drivers\LNonPnP.sys
2011-07-26 13:44:47 ----D---- C:\ProgramData\Logishrd
2011-07-26 13:44:45 ----D---- C:\Program Files\Logitech
2011-07-26 13:44:09 ----D---- C:\Program Files\Common Files\Logishrd
2011-07-26 13:38:53 ----D---- C:\Users\Prochy\AppData\Roaming\Logitech
2011-07-26 13:38:53 ----D---- C:\Users\Prochy\AppData\Roaming\Logishrd
2011-07-26 11:15:34 ----A---- C:\Sessions.txt
2011-07-26 11:12:52 ----D---- C:\Program Files (x86)\DBConvert
2011-07-25 21:30:20 ----D---- C:\Users\Prochy\AppData\Roaming\SQLyog
2011-07-25 20:59:51 ----D---- C:\Program Files (x86)\EMS
2011-07-25 20:54:30 ----D---- C:\Program Files (x86)\SQLyog Community
2011-07-25 19:30:39 ----AH---- C:\Windows\SYSWOW64\mlfcache.dat
2011-07-25 19:30:17 ----D---- C:\Users\Prochy\AppData\Roaming\Apple Computer
2011-07-25 19:30:01 ----D---- C:\ProgramData\Apple Computer
2011-07-25 19:30:01 ----D---- C:\Program Files (x86)\Safari
2011-07-25 19:28:04 ----D---- C:\ProgramData\Apple
2011-07-25 19:28:04 ----D---- C:\Program Files (x86)\Apple Software Update
2011-07-20 22:00:52 ----D---- C:\lm.dat
2011-07-20 18:24:33 ----D---- C:\Program Files (x86)\Core Services
2011-07-20 16:11:01 ----D---- C:\Users\Prochy\AppData\Roaming\HateML
2011-07-20 15:53:56 ----D---- C:\Program Files (x86)\FileHippo.com
2011-07-19 13:04:22 ----D---- C:\Program Files (x86)\Centauri
2011-07-19 12:08:22 ----D---- C:\Users\Prochy\AppData\Roaming\SumatraPDF
2011-07-19 12:01:13 ----D---- C:\Program Files\Miranda
2011-07-19 11:55:20 ----D---- C:\Users\Prochy\AppData\Roaming\XnView
2011-07-19 11:52:01 ----D---- C:\Users\Prochy\AppData\Roaming\HEXelon
2011-07-19 11:50:46 ----D---- C:\Program Files (x86)\TC UP
2011-07-18 17:26:49 ----D---- C:\Program Files (x86)\BIMP 1.45
2011-07-17 22:19:54 ----D---- C:\ProgramData\phpDesigner
2011-07-17 22:14:05 ----D---- C:\Users\Prochy\AppData\Roaming\phpDesigner
2011-07-17 22:13:55 ----D---- C:\Program Files (x86)\phpDesigner 7
2011-07-17 15:28:54 ----D---- C:\Users\Prochy\AppData\Roaming\SUPERAntiSpyware.com
2011-07-17 15:28:54 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-07-17 15:23:27 ----D---- C:\ProgramData\!SASCORE
2011-07-17 15:23:22 ----D---- C:\Program Files\SUPERAntiSpyware
2011-07-16 03:00:34 ----D---- C:\Program Files (x86)\MSXML 4.0
2011-07-13 15:16:16 ----D---- C:\Windows\SYSWOW64\Shared Memory
2011-07-13 08:54:08 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 08:54:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 08:54:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 08:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 08:54:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 08:54:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-13 08:54:04 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 08:54:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 08:54:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 08:53:59 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-13 08:53:59 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-13 08:53:56 ----A---- C:\Windows\system32\win32k.sys
2011-07-13 08:53:54 ----A---- C:\Windows\system32\wow64win.dll
2011-07-13 08:53:54 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 08:53:54 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 08:53:54 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 08:53:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-13 08:53:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-13 08:53:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-13 08:53:53 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-13 08:53:53 ----A---- C:\Windows\system32\wow64.dll
2011-07-13 08:53:53 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-13 08:53:52 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-13 08:53:52 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-13 08:53:50 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-10 13:41:51 ----A---- C:\Windows\SYSWOW64\CmdLineExt.dll

======List of files/folders modified in the last 1 month======

2011-08-08 16:40:49 ----D---- C:\Windows\Temp
2011-08-08 16:40:19 ----SHD---- C:\Windows\Installer
2011-08-08 16:39:44 ----RSD---- C:\Windows\assembly
2011-08-08 16:38:43 ----D---- C:\Windows\Microsoft.NET
2011-08-08 16:35:36 ----RD---- C:\Program Files (x86)
2011-08-08 16:35:36 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-08-08 16:35:22 ----SHD---- C:\System Volume Information
2011-08-08 16:31:30 ----SD---- C:\ProgramData\Microsoft
2011-08-08 16:31:04 ----D---- C:\Windows\SysWOW64
2011-08-08 16:30:41 ----D---- C:\Program Files (x86)\Common Files
2011-08-08 16:30:40 ----D---- C:\Windows\SYSWOW64\1033
2011-08-08 16:26:43 ----D---- C:\Program Files\MSBuild
2011-08-08 16:26:35 ----HD---- C:\ProgramData
2011-08-08 16:25:22 ----D---- C:\Windows\system32\config
2011-08-08 16:25:16 ----D---- C:\Windows\winsxs
2011-08-08 16:19:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-08-08 16:14:45 ----D---- C:\ProgramData\Microsoft Help
2011-08-08 16:13:41 ----RD---- C:\Program Files
2011-08-08 16:12:47 ----RSD---- C:\Windows\Fonts
2011-08-08 16:12:31 ----D---- C:\Windows\ShellNew
2011-08-08 16:12:30 ----D---- C:\Program Files (x86)\MSBuild
2011-08-08 16:12:27 ----D---- C:\Windows\System32
2011-08-08 16:12:27 ----D---- C:\Program Files\Common Files
2011-08-08 16:10:57 ----A---- C:\Windows\win.ini
2011-08-08 16:04:29 ----D---- C:\Program Files (x86)\Steam
2011-08-08 16:03:45 ----D---- C:\Windows\Prefetch
2011-08-08 16:03:21 ----D---- C:\Program Files (x86)\QIP 2010
2011-08-08 16:02:54 ----D---- C:\Windows
2011-08-08 16:02:54 ----A---- C:\Windows\pxisys.ini
2011-08-08 16:02:54 ----A---- C:\Windows\pxiesys.ini
2011-08-08 11:29:24 ----D---- C:\Program Files (x86)\FreeRapid-0.85upd1-build566
2011-08-07 15:23:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-07 14:12:31 ----D---- C:\Users\Prochy\AppData\Roaming\vlc
2011-08-03 11:10:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-02 12:27:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-02 12:27:18 ----D---- C:\Windows\inf
2011-08-02 00:49:51 ----D---- C:\Windows\Logs
2011-08-01 10:37:23 ----D---- C:\Windows\Help
2011-08-01 10:33:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2011-08-01 10:20:17 ----D---- C:\Users\Prochy\AppData\Roaming\Hewlett-Packard
2011-08-01 02:31:03 ----D---- C:\Users\Prochy\AppData\Roaming\hpqLog
2011-08-01 02:15:57 ----D---- C:\Users\Prochy\AppData\Roaming\DigitalPersona
2011-08-01 02:12:41 ----D---- C:\Windows\system32\catroot
2011-08-01 02:03:11 ----D---- C:\Windows\system32\drivers
2011-08-01 02:02:05 ----D---- C:\Windows\system32\DriverStore
2011-08-01 02:01:17 ----SD---- C:\Windows\system32\Microsoft
2011-08-01 01:57:46 ----D---- C:\Program Files (x86)\Intel
2011-08-01 01:56:43 ----D---- C:\Windows\system32\catroot2
2011-08-01 01:56:32 ----D---- C:\Windows\twain_32
2011-08-01 00:38:10 ----D---- C:\Users\Prochy\AppData\Roaming\Adobe
2011-07-31 23:37:51 ----D---- C:\Windows\system32\zh-TW
2011-07-31 23:37:51 ----D---- C:\Windows\system32\zh-CN
2011-07-31 23:37:51 ----D---- C:\Windows\system32\tr-TR
2011-07-31 23:37:51 ----D---- C:\Windows\system32\sv-SE
2011-07-31 23:37:51 ----D---- C:\Windows\system32\ru-RU
2011-07-31 23:37:51 ----D---- C:\Windows\system32\pt-PT
2011-07-31 23:37:51 ----D---- C:\Windows\system32\pl-PL
2011-07-31 23:37:51 ----D---- C:\Windows\system32\nl-NL
2011-07-31 23:37:51 ----D---- C:\Windows\system32\ko-KR
2011-07-31 23:37:51 ----D---- C:\Windows\system32\ja-JP
2011-07-31 23:37:51 ----D---- C:\Windows\system32\it-IT
2011-07-31 23:37:51 ----D---- C:\Windows\system32\hu-HU
2011-07-31 23:37:51 ----D---- C:\Windows\system32\fr-FR
2011-07-31 23:37:51 ----D---- C:\Windows\system32\fi-FI
2011-07-31 23:37:51 ----D---- C:\Windows\system32\es-ES
2011-07-31 23:37:51 ----D---- C:\Windows\system32\en-US
2011-07-31 23:37:51 ----D---- C:\Windows\system32\el-GR
2011-07-31 23:37:51 ----D---- C:\Windows\system32\de-DE
2011-07-31 23:37:51 ----D---- C:\Windows\system32\da-DK
2011-07-31 23:37:51 ----D---- C:\Windows\system32\cs-CZ
2011-07-31 23:28:32 ----D---- C:\Program Files\Hewlett-Packard
2011-07-31 23:23:00 ----D---- C:\Windows\SYSWOW64\drivers
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\zh-Hant
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\zh-Hans
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\pt-BR
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\ko
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\ja
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\it
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\fr
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\es
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\en-US
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\de
2011-07-31 21:30:08 ----D---- C:\Windows\SYSWOW64\cs
2011-07-31 21:30:08 ----D---- C:\Windows\system32\zh-Hant
2011-07-31 21:30:08 ----D---- C:\Windows\system32\zh-Hans
2011-07-31 21:30:08 ----D---- C:\Windows\system32\pt-BR
2011-07-31 21:30:08 ----D---- C:\Windows\system32\ko
2011-07-31 21:30:08 ----D---- C:\Windows\system32\ja
2011-07-31 21:30:08 ----D---- C:\Windows\system32\it
2011-07-31 21:30:08 ----D---- C:\Windows\system32\fr
2011-07-31 21:30:08 ----D---- C:\Windows\system32\es
2011-07-31 21:30:08 ----D---- C:\Windows\system32\de
2011-07-31 21:30:08 ----D---- C:\Windows\system32\cs
2011-07-31 20:25:57 ----D---- C:\Windows\system32\Tasks
2011-07-31 20:17:26 ----D---- C:\Users\Prochy\AppData\Roaming\uTorrent
2011-07-31 13:11:28 ----D---- C:\Program Files\Microsoft Security Client
2011-07-31 03:01:43 ----D---- C:\Program Files (x86)\Microsoft Security Client
2011-07-31 03:01:22 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-07-17 14:09:27 ----D---- C:\Windows\debug
2011-07-14 13:31:29 ----D---- C:\Windows\AppPatch
2011-07-14 09:09:58 ----A---- C:\Windows\system32\MRT.exe
2011-07-13 14:49:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-07-13 14:49:57 ----D---- C:\Windows\system32\wbem
2011-07-13 14:49:57 ----D---- C:\Windows\system32\drivers\etc
2011-07-10 12:56:36 ----D---- C:\Program Files (x86)\Eidos

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-07-31 540696]
R0 NIPALK;NIPALK; C:\Windows\System32\drivers\nipalk.sys [2007-07-18 538712]
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\Windows\System32\drivers\nipbcfk.sys [2007-07-10 16472]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-02-01 56648]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-02-01 15688]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-03-28 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-03-28 513080]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-03-28 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-03-28 970336]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver; \??\C:\Windows\system32\drivers\VSPE.sys [2011-06-27 40928]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-02-01 58184]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-12 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2011-04-08 86584]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2009-09-21 71040]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-08-20 130816]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2009-03-13 318464]
R2 nipxirmk;NI PXI Resource Manager; \??\C:\Windows\system32\drivers\nipxirmkl.sys [2007-02-22 12064]
R2 NiViPxiK;NI-VISA PXI Driver; C:\Windows\System32\drivers\NiViPxiKl.sys [2007-07-19 11872]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-03-28 285280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-08-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-08-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-08-01 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-08-01 21160]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-08-01 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-06-02 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-06 12264384]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-04-30 42776]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 nidimk;nidimk; \??\C:\Windows\system32\drivers\nidimkl.sys [2007-07-12 11872]
R3 nimdbgk;nimdbgk; \??\C:\Windows\system32\drivers\nimdbgkl.sys [2007-07-12 11872]
R3 nimru2k;nimru2k; \??\C:\Windows\system32\drivers\nimru2kl.sys [2007-07-24 11872]
R3 nimstsk;nimstsk; \??\C:\Windows\system32\drivers\nimstskl.sys [2007-07-13 11872]
R3 nimxdfk;nimxdfk; \??\C:\Windows\system32\drivers\nimxdfkl.sys [2007-07-12 11856]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2011-08-01 96384]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-07-31 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2010-03-08 40760]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 GIVEIO;GIVEIO; \??\C:\Windows\SYSTEM32\DRIVERS\GIVEIO.SYS []
S3 lvalarmk;lvalarmk; \??\C:\Windows\system32\drivers\lvalarmk.sys [2007-01-11 20768]
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1006k.sys [2007-02-22 28448]
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1045kl.sys [2007-02-22 12064]
S3 ni1065k;NI PXI-1065 Chassis Pilot; \??\C:\Windows\system32\drivers\ni1065k.sys [2007-05-25 24920]
S3 ni488lock;NI-488.2 Locking Service; \??\C:\Windows\system32\drivers\ni488lock.sys [2007-02-26 17696]
S3 nicdrk;nicdrk; \??\C:\Windows\system32\drivers\nicdrkl.sys [2007-07-15 11864]
S3 nidmxfk;nidmxfk; \??\C:\Windows\system32\drivers\nidmxfkl.sys [2007-07-13 11848]
S3 nidsark;nidsark; \??\C:\Windows\system32\drivers\nidsarkl.sys [2007-07-19 11856]
S3 niemrk;niemrk; \??\C:\Windows\system32\drivers\niemrkl.sys [2007-07-24 11848]
S3 niesrk;niesrk; \??\C:\Windows\system32\drivers\niesrkl.sys [2007-07-24 11848]
S3 nifslk;nifslk; \??\C:\Windows\system32\drivers\nifslkl.sys [2007-07-15 11864]
S3 nimsdrk;nimsdrk; \??\C:\Windows\system32\drivers\nimsdrkl.sys [2007-07-18 11904]
S3 nimslk;nimslk; \??\C:\Windows\system32\drivers\nimslk.dll []
S3 nimsrlk;nimsrlk; \??\C:\Windows\system32\drivers\nimsrlk.dll []
S3 nimxpk;nimxpk; \??\C:\Windows\system32\drivers\nimxpkl.sys [2007-07-13 11880]
S3 ninshsdk;ninshsdk; \??\C:\Windows\system32\drivers\ninshsdkl.sys [2007-07-19 11872]
S3 niorbk;niorbk; \??\C:\Windows\system32\drivers\niorbkl.sys [2007-07-12 11856]
S3 nipalfwedl;nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [2007-07-18 12928]
S3 nipalusbedl;nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [2007-07-18 12920]
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\Windows\system32\drivers\nipxigpk.sys [2007-02-22 22304]
S3 niscdk;niscdk; \??\C:\Windows\system32\drivers\niscdkl.sys [2007-07-19 11888]
S3 nisdigk;nisdigk; \??\C:\Windows\system32\drivers\nisdigkl.sys [2007-07-17 11864]
S3 nisftk;nisftk; \??\C:\Windows\system32\drivers\nisftkl.sys [2007-07-16 11856]
S3 nispdk;nispdk; \??\C:\Windows\system32\drivers\nispdkl.sys [2007-07-19 11888]
S3 nissrk;nissrk; \??\C:\Windows\system32\drivers\nissrkl.sys [2007-07-24 11848]
S3 nistc2k;nistc2k; \??\C:\Windows\system32\drivers\nistc2kl.sys [2007-07-15 11824]
S3 nistcrk;nistcrk; \??\C:\Windows\system32\drivers\nistcrkl.sys [2007-07-15 11872]
S3 niswdk;niswdk; \??\C:\Windows\system32\drivers\niswdkl.sys [2007-07-17 11848]
S3 nitiork;nitiork; \??\C:\Windows\system32\drivers\nitiorkl.sys [2007-07-18 11872]
S3 NiViFWK;NI-VISA FireWire Driver; C:\Windows\System32\drivers\NiViFWKl.sys [2007-07-19 11896]
S3 NiViPciK;NI-VISA PCI Driver; C:\Windows\System32\drivers\NiViPciKl.sys [2007-07-19 11872]
S3 niwfrk;niwfrk; \??\C:\Windows\system32\drivers\niwfrkl.sys [2007-07-24 11848]
S3 nixsrk;nixsrk; \??\C:\Windows\system32\drivers\nixsrkl.sys [2007-07-24 11848]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 1112664]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2011-07-31 89600]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-03-28 3246040]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-01-22 462088]
R2 ENI Server;ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [2009-01-20 651264]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2009-12-16 3750400]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-01 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-11 297984]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-07-31 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\SysWOW64\lkads.exe [2009-06-18 42544]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2009-06-18 53296]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-01 268824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 mxssvr;NI Configuration Manager; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [2007-03-08 12696]
R2 ni488enumsvc;NI-488.2 Enumeration Service; C:\Windows\SysWOW64\nipalsm.exe [2007-02-16 12696]
R2 nidevldu;NI Device Loader; C:\Windows\SysWOW64\nipalsm.exe [2007-02-16 12696]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2009-06-18 356912]
R2 nipxirmu;NI PXI Resource Manager; C:\Windows\SysWOW64\nipalsm.exe [2007-02-16 12696]
R2 niSvcLoc;NI Service Locator; C:\Windows\SysWOW64\nisvcloc.exe [2009-06-04 13896]
R2 NITaggerService;National Instruments Variable Engine; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [2007-07-23 609384]
R2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w []
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2010-12-07 1294848]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 49664]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-07-31 271360]
R3 DEBridge;DEBridge; C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-01 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-01-25 791608]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP ProtectTools; C:\Windows\SysWOW64\flcdlock.exe [2010-04-28 362040]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-30 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-03-30 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 359192]
S3 LkCitadelServer;Lookout Citadel Server; C:\Windows\SysWOW64\lkcitdl.exe [2008-10-31 695136]
S3 OpcEnum;OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [2007-05-09 98304]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2009-09-18 1007616]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte log z comboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[Prochy(cz)]

ComboFix 11-08-09.02 - Prochy 09.08.2011 23:00:13.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2934.1514 [GMT 2:00]
Spuštěný z: c:\users\Prochy\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Steam\Steam.exe
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-10 do 2011-08-10 )))))))))))))))))))))))))))))))
.
.
2011-08-10 08:15 . 2011-08-10 08:15 -------- d-----w- C:\ENI
2011-08-09 23:05 . 2011-08-09 23:05 -------- d-----w- c:\users\postgres\AppData\Local\temp
2011-08-09 12:48 . 2011-08-09 12:49 -------- d-----w- c:\program files (x86)\Warkeys
2011-08-08 16:11 . 2011-08-08 16:11 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-08-08 16:11 . 2011-08-08 16:11 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-08-08 16:09 . 2011-08-08 16:09 -------- d-----r- C:\MSOCache
2011-08-08 14:58 . 2011-08-08 14:58 -------- d-----w- c:\users\Prochy\AppData\Roaming\OpenOffice.org
2011-08-08 14:56 . 2011-08-08 15:54 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-08-08 14:55 . 2011-03-29 09:17 472808 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
2011-08-08 14:48 . 2011-08-08 14:48 -------- d-----w- C:\OpenOffice.org 3.3 (cs) Installation Files
2011-08-08 14:10 . 2011-08-09 19:47 -------- d-----w- c:\program files\trend micro
2011-08-08 14:10 . 2011-08-08 14:37 -------- d-----w- C:\rsit
2011-08-07 13:22 . 2011-08-07 13:23 -------- d-----w- c:\program files (x86)\Riot Games
2011-08-07 12:30 . 2011-08-09 10:55 -------- d-----w- c:\users\Prochy\AppData\Local\PokerStars.FR
2011-08-07 12:29 . 2011-08-07 12:53 -------- d-----w- c:\program files (x86)\PokerStars.FR
2011-08-07 12:01 . 2011-08-07 12:01 -------- d-----w- c:\program files (x86)\xRay
2011-08-06 13:47 . 2011-08-06 13:47 -------- d-----w- c:\users\Prochy\AppData\Roaming\gtk-2.0
2011-08-06 13:47 . 2011-08-07 12:07 -------- d-----w- c:\users\Prochy\.thumbnails
2011-08-06 13:45 . 2011-08-06 13:45 -------- d-----w- c:\program files (x86)\Common Files\GTK
2011-08-06 13:36 . 2011-08-06 17:57 -------- d-----w- c:\users\Prochy\.gimp-2.6
2011-08-06 13:36 . 2011-08-06 13:36 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-08-02 19:17 . 2011-08-09 13:24 -------- d-----w- c:\program files (x86)\Garena
2011-08-02 15:44 . 2011-08-02 15:46 2829 ----a-w- c:\windows\War3Unin.pif
2011-08-02 15:44 . 2011-08-02 15:46 139264 ----a-w- c:\windows\War3Unin.exe
2011-08-02 15:43 . 2011-08-09 20:50 -------- d-----w- c:\program files (x86)\Warcraft 3
2011-08-02 11:18 . 2011-08-08 17:31 -------- d-----w- c:\users\Prochy\riotsGamesLogs
2011-08-02 10:41 . 2011-08-02 10:41 -------- d-----w- c:\users\Prochy\AppData\Roaming\LolClient
2011-08-01 22:50 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2011-08-01 22:50 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2011-08-01 22:50 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-08-01 22:50 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-08-01 22:50 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-08-01 19:29 . 2011-08-01 19:34 -------- d-----w- c:\program files\Vtipálci - Kancelářská krysa
2011-08-01 18:09 . 2011-08-10 08:17 -------- d-----w- c:\users\Prochy\AppData\Local\PMB Files
2011-08-01 18:09 . 2011-08-08 18:17 -------- d-----w- c:\programdata\PMB Files
2011-08-01 18:08 . 2011-08-01 18:08 -------- d-----w- c:\program files (x86)\Pando Networks
2011-08-01 08:32 . 2011-08-01 08:32 -------- d-----w- c:\programdata\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2011-08-01 00:16 . 2011-08-01 00:16 -------- d-----w- c:\users\Prochy\AppData\Roaming\Intel Corporation
2011-08-01 00:15 . 2011-08-01 00:15 -------- d-----w- c:\users\Prochy\AppData\Local\DigitalPersona
2011-08-01 00:03 . 2011-08-01 00:03 -------- d-----w- c:\users\Prochy\AppData\Local\Broadcom
2011-08-01 00:01 . 2011-07-31 23:58 21160 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2011-08-01 00:01 . 2011-07-31 23:58 98344 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2011-08-01 00:01 . 2011-07-31 23:58 35104 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2011-08-01 00:01 . 2011-07-31 23:58 132648 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2011-08-01 00:00 . 2011-08-01 00:00 -------- d-----w- c:\program files\WIDCOMM
2011-08-01 00:00 . 2011-08-01 00:00 -------- d-----w- c:\program files\DIFX
2011-07-31 23:57 . 2011-07-31 23:57 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2011-07-31 23:57 . 2011-07-31 23:57 56344 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2011-07-31 23:55 . 2011-07-31 23:55 -------- d-----w- c:\program files (x86)\Realtek
2011-07-31 23:55 . 2011-07-31 23:55 96384 ----a-w- c:\windows\system32\drivers\rtsuvc.sys
2011-07-31 23:55 . 2011-07-31 23:55 493056 ----a-w- c:\windows\RtsUvcUninst64.exe
2011-07-31 23:55 . 2011-07-31 23:55 4096 ----a-w- c:\windows\SysWow64\sigfile.exe
2011-07-31 21:37 . 2010-02-02 12:47 439808 ----a-w- c:\windows\system32\athihvs.dll
2011-07-31 21:36 . 2011-07-31 21:36 -------- d-----w- c:\users\Prochy\AppData\Roaming\InstallShield
2011-07-31 21:35 . 2011-07-31 21:35 540696 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-07-31 21:34 . 2011-07-31 21:32 651264 ------w- c:\windows\system32\stapi64.dll
2011-07-31 21:34 . 2011-07-31 21:32 68608 ----a-w- c:\windows\system32\AESTAR64.dll
2011-07-31 21:34 . 2011-07-31 21:32 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2011-07-31 21:34 . 2011-07-31 21:32 162816 ----a-w- c:\windows\system32\AESTAC64.dll
2011-07-31 21:34 . 2011-07-31 21:32 489472 ----a-w- c:\windows\sttray64.exe
2011-07-31 21:34 . 2011-07-31 21:32 1952256 ----a-w- c:\windows\system32\stlang64.dll
2011-07-31 21:34 . 2011-07-31 21:32 12861952 ----a-w- c:\windows\system32\idtcpl64.cpl
2011-07-31 21:34 . 2011-07-31 21:32 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2011-07-31 21:33 . 2011-07-31 21:32 219648 ----a-w- c:\windows\system32\staco64.dll
2011-07-31 21:33 . 2011-07-31 21:32 515584 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2011-07-31 21:33 . 2011-07-31 21:32 431616 ----a-w- c:\windows\system32\stcplx64.dll
2011-07-31 21:33 . 2011-07-31 21:32 1484288 ----a-w- c:\windows\system32\stapo64.dll
2011-07-31 21:32 . 2011-07-31 21:35 -------- d-----w- c:\program files\IDT
2011-07-31 21:31 . 2011-07-31 21:37 -------- d-----w- c:\windows\system32\nn-NO
2011-07-31 21:31 . 2011-07-31 21:31 -------- d-----w- c:\windows\Options
2011-07-31 21:31 . 2010-03-02 14:45 1594368 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-07-31 21:31 . 2010-02-02 12:48 60416 ----a-w- c:\windows\system32\athihvui.dll
2011-07-31 21:31 . 2011-07-31 21:37 -------- d-----w- c:\program files (x86)\Atheros
2011-07-31 21:31 . 2011-07-31 21:31 -------- d-----w- c:\program files (x86)\Cisco
2011-07-31 21:30 . 2011-07-31 21:32 -------- d-----w- c:\programdata\Atheros
2011-07-31 21:22 . 2011-07-31 21:22 -------- d-----w- C:\system.sav
2011-07-31 21:22 . 2011-07-31 21:22 -------- d-----w- c:\program files (x86)\Common Files\LightScribe
2011-07-31 21:22 . 2011-07-31 21:23 -------- d-----w- c:\windows\Hewlett-Packard
2011-07-31 21:21 . 2011-07-31 21:21 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2011-07-31 21:21 . 2011-07-31 21:21 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2011-07-31 21:21 . 2011-07-31 21:21 582144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
2011-07-31 21:21 . 2011-07-31 21:21 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2011-07-31 21:21 . 2011-07-31 21:21 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2011-07-31 21:21 . 2011-07-31 21:21 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2011-07-31 19:30 . 2011-07-31 19:30 -------- d-----w- c:\users\Prochy\AppData\Local\Programs
2011-07-31 19:29 . 2011-07-31 19:29 -------- d-----w- c:\windows\DPDrv
2011-07-31 19:29 . 2011-07-31 19:29 -------- d-----w- c:\programdata\Macrovision
2011-07-31 18:29 . 2011-07-31 18:29 -------- d-----w- c:\programdata\HP
2011-07-31 18:27 . 2011-07-31 18:27 -------- d-----w- c:\users\Prochy\AppData\Local\Hewlett-Packard
2011-07-31 18:24 . 2011-08-01 08:20 -------- d-----w- c:\programdata\Hewlett-Packard
2011-07-31 18:22 . 2011-07-31 18:22 -------- d-----w- c:\programdata\{23D58E70-3B83-4B83-A227-68770F84F5EC}
2011-07-31 18:17 . 2011-08-01 08:30 -------- d-----w- C:\SWSetup
2011-07-31 09:35 . 2011-07-31 23:57 -------- d-----w- c:\program files (x86)\Call of Duty
2011-07-31 01:00 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-30 23:32 . 2011-07-30 23:32 -------- d-----w- c:\program files (x86)\Counter Dalsi
2011-07-30 23:02 . 2011-08-02 11:43 -------- d-----w- c:\program files (x86)\Warcraft III
2011-07-29 08:03 . 2011-07-29 08:03 -------- d-----w- c:\program files (x86)\JoWooD
2011-07-26 18:47 . 2011-07-26 18:47 -------- d-----w- c:\users\Prochy\AppData\Roaming\Bullzip
2011-07-26 18:47 . 2008-07-09 21:19 103424 ----a-w- c:\windows\SysWow64\bzDCT.dll
2011-07-26 18:47 . 2011-07-26 18:47 -------- d-----w- c:\program files (x86)\Bullzip
2011-07-26 11:46 . 2011-07-26 11:46 53248 ----a-r- c:\users\Prochy\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-07-26 11:46 . 2011-07-26 11:46 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2011-07-26 11:46 . 2011-07-26 11:46 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-07-26 11:44 . 2011-07-26 11:47 -------- d-----w- c:\programdata\Logishrd
2011-07-26 11:44 . 2011-07-26 11:45 -------- d-----w- c:\program files\Logitech
2011-07-26 11:44 . 2011-07-26 11:46 -------- d-----w- c:\program files\Common Files\Logishrd
2011-07-26 11:38 . 2011-07-26 11:47 -------- d-----w- c:\users\Prochy\AppData\Roaming\Logitech
2011-07-26 11:38 . 2011-07-26 11:39 -------- d-----w- c:\users\Prochy\AppData\Roaming\Logishrd
2011-07-26 09:12 . 2011-07-26 09:12 -------- d-----w- c:\program files (x86)\DBConvert
2011-07-25 19:30 . 2011-07-25 19:33 -------- d-----w- c:\users\Prochy\AppData\Roaming\SQLyog
2011-07-25 18:59 . 2011-07-25 18:59 -------- d-----w- c:\program files (x86)\EMS
2011-07-25 18:54 . 2011-07-25 18:54 -------- d-----w- c:\program files (x86)\SQLyog Community
2011-07-25 17:30 . 2011-07-25 17:30 -------- d-----w- c:\users\Prochy\AppData\Local\Apple Computer
2011-07-25 17:30 . 2011-07-25 17:31 -------- d-----w- c:\users\Prochy\AppData\Roaming\Apple Computer
2011-07-25 17:30 . 2011-07-25 17:30 -------- d-----w- c:\program files (x86)\Safari
2011-07-25 17:30 . 2011-07-25 17:30 -------- d-----w- c:\programdata\Apple Computer
2011-07-25 17:28 . 2011-07-25 17:28 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-07-25 17:28 . 2011-07-25 17:28 -------- d-----w- c:\users\Prochy\AppData\Local\Apple
2011-07-25 17:28 . 2011-07-25 17:28 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-07-25 17:28 . 2011-07-25 17:28 -------- d-----w- c:\programdata\Apple
2011-07-25 17:02 . 2011-07-25 17:02 -------- d-----w- c:\users\Prochy\AppData\Local\Google
2011-07-20 20:00 . 2011-07-24 12:17 -------- d-----w- C:\lm.dat
2011-07-20 16:24 . 2011-07-20 16:24 -------- d-----w- c:\program files (x86)\Core Services
2011-07-20 14:11 . 2011-07-20 14:11 -------- d-----w- c:\users\Prochy\AppData\Roaming\HateML
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-08 16:39 . 2011-03-30 08:01 78848 ----a-w- c:\windows\KMSEmulator.exe
2011-07-13 04:53 . 2011-03-28 15:02 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-10 11:41 . 2011-07-10 11:41 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2011-06-27 18:15 . 2011-06-27 18:15 40928 ----a-w- c:\windows\system32\drivers\VSPE.sys
2011-06-22 07:27 . 2011-05-25 13:57 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-06-18 17:30 . 2011-05-31 07:16 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-12 13:27 . 2011-06-02 21:46 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-12 13:27 . 2011-06-02 21:46 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-06-05 11:34 . 2011-06-05 11:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-05 11:34 . 2011-06-05 11:34 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-03 05:57 . 2011-07-13 06:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-24 11:42 . 2011-06-29 06:26 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 06:26 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 06:26 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 06:26 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 06:26 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-05-13 16:58 . 2011-05-13 16:58 17720 ----a-w- c:\windows\system32\HPMDPCoInst12.dll
2011-05-13 16:58 . 2011-05-13 16:58 30008 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2011-05-13 16:58 . 2011-05-13 16:58 30520 ----a-w- c:\windows\system32\hpservice.exe
2011-05-13 16:58 . 2011-05-13 16:58 20792 ----a-w- c:\windows\system32\accelerometerdll.DLL
2011-05-13 16:57 . 2011-05-13 16:57 43320 ----a-w- c:\windows\system32\drivers\Accelerometer.sys
2011-05-13 09:49 . 2011-05-13 09:49 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-13 09:49 . 2011-05-13 09:49 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-13 09:49 . 2011-05-13 09:49 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-13 09:49 . 2011-05-13 09:49 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-13 09:49 . 2011-05-13 09:49 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-13 09:49 . 2011-05-13 09:49 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-13 09:49 . 2011-05-13 09:49 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-13 09:49 . 2011-05-13 09:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-13 09:49 . 2011-05-13 09:49 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-13 09:49 . 2011-05-13 09:49 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-13 09:49 . 2011-05-13 09:49 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-13 09:49 . 2011-05-13 09:49 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-13 09:49 . 2011-05-13 09:49 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-13 09:49 . 2011-05-13 09:49 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-13 09:49 . 2011-05-13 09:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-13 09:49 . 2011-05-13 09:49 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-13 09:49 . 2011-05-13 09:49 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-13 09:49 . 2011-05-13 09:49 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-13 09:49 . 2011-05-13 09:49 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-13 09:49 . 2011-05-13 09:49 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-13 09:49 . 2011-05-13 09:49 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-13 09:49 . 2011-05-13 09:49 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-13 09:49 . 2011-05-13 09:49 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-13 09:49 . 2011-05-13 09:49 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-13 09:49 . 2011-05-13 09:49 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-13 09:49 . 2011-05-13 09:49 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-13 09:49 . 2011-05-13 09:49 448512 ----a-w- c:\windows\system32\html.iec
2011-05-13 09:49 . 2011-05-13 09:49 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-13 09:49 . 2011-05-13 09:49 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-13 09:49 . 2011-05-13 09:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-13 09:49 . 2011-05-13 09:49 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-13 09:49 . 2011-05-13 09:49 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-13 09:49 . 2011-05-13 09:49 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-13 09:49 . 2011-05-13 09:49 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-13 09:49 . 2011-05-13 09:49 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-13 09:49 . 2011-05-13 09:49 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-13 09:49 . 2011-05-13 09:49 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-13 09:49 . 2011-05-13 09:49 111616 ----a-w- c:\windows\system32\iesysprep.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"Infium"="c:\program files (x86)\QIP 2010\qip.exe" [2011-07-18 6812032]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AccelerometerSysTrayApplet"="c:\program files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe" [2009-09-02 75576]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2736128]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-08-01 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-10-01 256056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536752]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-17 5566176]
"SafeQ Client"="c:\program files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"NI Background Service"="c:\program files (x86)\National Instruments\Shared\Update Service\BackgroundService.exe" [2009-08-25 77824]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2011-04-08 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"niDevMon"="c:\program files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2007-07-14 106064]
"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-04-20 234792]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-11 11265536]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-07-31 284696]
.
c:\users\Prochy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Registrace produktu.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Scrybe.lnk - c:\windows\Installer\{5772FC28-D1DD-4D9D-8D7F-97C542162A41}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2011-5-25 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2010-04-28 08:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 VICHW11;P&E BDM Cable Driver II;c:\windows\SYSTEM32\DRIVERS\VICHW11.SYS [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP ProtectTools;c:\windows\SysWOW64\flcdlock.exe [2010-04-28 362040]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-30 1038088]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [x]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [x]
R3 ni1065k;NI PXI-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [x]
R3 ni488lock;NI-488.2 Locking Service;c:\windows\system32\drivers\ni488lock.sys [x]
R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [x]
R3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [x]
R3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [x]
R3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [x]
R3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [x]
R3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [x]
R3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [x]
R3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [x]
R3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [x]
R3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [x]
R3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [x]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [x]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [x]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [x]
R3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [x]
R3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [x]
R3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [x]
R3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [x]
R3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [x]
R3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [x]
R3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [x]
R3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWKl.sys [x]
R3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [x]
R3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [x]
R3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 usb6xxxk;usb6xxxk;c:\windows\system32\drivers\usb6xxxkl.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S1 EterlogicVirtualSerialDriver;EterlogicVirtualSerialDriver;c:\windows\system32\drivers\VSPE.sys [x]
S1 RsvLock;RsvLock; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-12 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/06/22 09:42];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-04-12 09:16 148976]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-07-31 89600]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-03-28 3246040]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616]
S2 ENI Server;ENI Server;c:\program files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [2009-01-20 651264]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-01 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-11 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-07-31 13336]
S2 ni488enumsvc;NI-488.2 Enumeration Service;c:\windows\SysWOW64\nipalsm.exe [2007-02-16 12696]
S2 nidevldu;NI Device Loader;c:\windows\SysWOW64\nipalsm.exe [2007-02-16 12696]
S2 nipxirmk;NI PXI Resource Manager;c:\windows\system32\drivers\nipxirmkl.sys [x]
S2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
S2 ScrybeUpdater;Aktualizátor aplikace Scrybe;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2010-12-07 1294848]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-07-31 2320920]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-01 704512]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [x]
S3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [x]
S3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{951e3721-5950-11e0-bed3-806e6f6e6963}]
\shell\AutoRun\command - J:\autoplay.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF24926.cfxxe" [X]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-06 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-06 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-06 418840]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-17 391144]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-08-23 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-07-31 489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files (x86)\PokerStars.FR\PokerStarsUpdate.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Prochy\AppData\Roaming\Mozilla\Firefox\Profiles\y667c8df.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\Steam.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Steam App 10 - c:\program files (x86)\Steam\steam.exe
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\hasplms.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\National Instruments\MAX\nimxs.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\SysWOW64\nisvcloc.exe
c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
c:\program files (x86)\Synaptics\Scrybe\scrybe.exe
.
**************************************************************************
.
Celkový čas: 2011-08-10 10:25:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-10 08:25
.
Před spuštěním: 6 194 737 152
Po spuštění: 2 436 886 528
.
- - End Of File - - 4190E626FE58FC3E1D7563D776842AD8

[Rudy]

Pár věcí CF smazal, zbytek logu vypadá čistý.

[Prochy(cz)]

Děkuji za váš čas a pomoc

[Rudy]

Nemáte zač!