Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2012-03-07 20:10:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 2 GB (5%) free of 50 GB
Total RAM: 8191 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:48, on 7.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Jirka\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "d:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] d:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C79A55E7-1FA5-4FD5-9E1C-FAFEFC95DBFA}: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - D:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14505 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e4
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\rundll32.exe" sbavmon.dll,SBAVMonitor
"D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Users\Jirka\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Users\Jirka\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe" -s
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe"
\??\C:\Windows\system32\conhost.exe "1467892741-1767100566-1484388029-86043577-6039659231646329609893248622090248977
"D:\ASUS.SYS\config\DVMExportService.exe"
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
WLIDSvcM.exe 2440
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"D:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
KHALMNPR.EXE /API
"C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\WinMsgBalloonServer.exe"
\\.\pipe\raidxpertPipe1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=4288.04F50700.553345609 /prefetch:3
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=4288.04F508C0.971084991 /prefetch:3
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=4288.04F50A80.382339088 /prefetch:3
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=4288.04F50C40.1476959432 /prefetch:3
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=4288.05C381C0.755437405 /prefetch:3
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=4288.05C38700.1973632500 /prefetch:3
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll" --lang=cs --channel=4288.07401E10.803004424 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\Users\Jirka\AppData\Local\Google\Chrome\APPLIC~1\17.0.963.66\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jirka\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll" --lang=cs --channel=4288.073F9BE0.1057715154 --flash-broker=716 /prefetch:4
"C:\Users\Jirka\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderFromOmniboxHeuristic/ExactFullAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=4288.06061A80.1889054186 /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
taskhost.exe $(Arg0)
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-371625170-755913128-1498929702-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-371625170-755913128-1498929702-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/ig"
prefs.js - "extensions.enabledItems" - "{097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.10, firegestures@xuldev.org:1.6.5, {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.4, LogMeInClient@logmein.com:1.0.0.608, personas@christopher.beard:1.6.2, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.1, {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1, DTToolbar@toolbarnet.com:1.1.8.0191, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =302398&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default\extensions\
DTToolbar@toolbarnet.com
LogMeInClient@logmein.com
personas@christopher.beard
{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default\searchplugins\
daemon-search.xml
qipsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-29 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-05 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-05 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]
"Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe [2012-03-06 741240]
"Google Update"=C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-05 136176]
"SpybotSD TeaTimer"=d:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-15 17146504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMDownloading your update...1285781003180]
c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe c:\programdata\corel\downloads\540215253_610005\1285781003180\dim_params.xml -Launch=3 -uibase=c:\users\jirka\appdata\roaming\corel\messages\540215253_610005\en\messagecache1\workflow []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\QIP Infium JadrisPack\infium.exe /autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-15 17146504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2010-09-14 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-29 296056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
C:\PROGRA~2\MAGICT~1\GAMMAT~1.EXE [2007-01-15 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2009-12-03 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Game Alarm.lnk]
C:\Games\Game Alarm\gamealarm.exe [2010-12-20 19631104]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-29 296056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-12-05 343168]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"VolPanel"=d:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [2010-02-18 241789]
"Module Loader"=C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-23 57344]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2012-03-07 20:10:34 ----D---- C:\Program Files\trend micro
2012-03-07 20:10:33 ----D---- C:\rsit
2012-03-06 20:48:10 ----A---- C:\Windows\sbwin.ini
2012-03-06 20:16:29 ----D---- C:\ProgramData\Creative
2012-03-06 20:13:12 ----HD---- C:\Program Files (x86)\Creative Installation Information
2012-03-06 20:12:42 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\system32\CmdRtr64.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\system32\APOMgr64.DLL
2012-03-06 20:12:19 ----A---- C:\Windows\system32\kschimp.ini
2012-03-06 20:12:11 ----A---- C:\Windows\SYSWOW64\KSVSPI32.dll
2012-03-06 20:12:11 ----A---- C:\Windows\SYSWOW64\KSAPO32.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\SBAVMon.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSWrap64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSVSPI64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSppld64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSPPCn64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KsDvInst.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSDGFX64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSAPO64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\JDetect.exe
2012-03-06 20:12:11 ----A---- C:\Windows\KSAIM64.exe
2012-03-06 20:12:11 ----A---- C:\ProgramData\cfSB1095.ini
2012-03-06 20:11:50 ----RA---- C:\Windows\SYSWOW64\tmpC601.tmp
2012-03-06 20:11:46 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2012-03-06 20:11:46 ----N---- C:\Windows\system32\Sens_oal.dll
2012-03-06 20:11:39 ----D---- C:\Users\Jirka\AppData\Roaming\Creative
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\CTOPT399.dll
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\CTChkAud.dll
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\AddCat.exe
2012-03-06 20:11:32 ----N---- C:\Windows\system32\CTOPT399.dll
2012-03-06 20:11:32 ----N---- C:\Windows\system32\CTChkAud.dll
2012-03-06 20:11:32 ----N---- C:\Windows\system32\AddCat.exe
2012-03-06 20:11:27 ----N---- C:\Windows\Ctregrun.exe
2012-03-06 20:09:57 ----D---- C:\Program Files\Creative
2012-03-06 20:09:52 ----D---- C:\Program Files (x86)\Creative
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\java.exe
2012-03-01 17:18:37 ----D---- C:\Windows\system32\Macromed
2012-02-16 23:29:02 ----SHD---- C:\Windows\SYSWOW64\%APPDATA%
2012-02-16 17:51:58 ----A---- C:\Windows\system32\shell32.dll
2012-02-16 17:51:56 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-16 17:51:55 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-16 17:51:55 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-16 17:51:52 ----A---- C:\Windows\system32\win32k.sys
2012-02-16 17:51:40 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-16 17:51:38 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-16 17:51:38 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 17:51:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-16 17:51:33 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 17:51:31 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 17:51:30 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 17:51:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-16 17:51:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-16 17:51:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-16 17:51:27 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\msfeeds.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\url.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-02 19:17:53 ----D---- C:\ProgramData\ATI
2012-02-02 19:17:50 ----D---- C:\Program Files (x86)\AMD APP
2012-02-02 19:14:32 ----D---- C:\AMD
2012-01-31 18:46:28 ----A---- C:\Windows\system32\schannel.dll
2012-01-31 18:46:27 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-31 18:46:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-31 18:46:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-31 18:46:27 ----A---- C:\Windows\system32\webio.dll
2012-01-31 18:46:27 ----A---- C:\Windows\system32\sspicli.dll
2012-01-31 18:46:27 ----A---- C:\Windows\system32\secur32.dll
2012-01-31 18:46:27 ----A---- C:\Windows\system32\lsass.exe
2012-01-31 18:46:27 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-31 18:46:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-31 18:46:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-31 18:46:27 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-31 18:46:26 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-31 18:46:26 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-18 21:10:28 ----D---- C:\Users\Jirka\AppData\Roaming\wargaming.net
2012-01-18 20:41:46 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-01-18 20:41:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-01-18 20:41:46 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-01-18 20:41:45 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-01-18 20:41:45 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-01-18 20:41:45 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-01-18 20:41:44 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-01-18 20:41:44 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-01-12 17:44:44 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-12 17:44:44 ----A---- C:\Windows\system32\quartz.dll
2012-01-12 17:44:43 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-12 17:44:43 ----A---- C:\Windows\system32\qdvd.dll
2012-01-12 17:44:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-01-12 17:44:42 ----A---- C:\Windows\system32\jscript.dll
2012-01-12 17:44:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-12 17:44:41 ----A---- C:\Windows\system32\ntdll.dll
2012-01-12 17:44:40 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-12 17:44:40 ----A---- C:\Windows\system32\packager.dll
2012-01-09 19:14:50 ----D---- C:\Users\Jirka\AppData\Roaming\FastStone
2012-01-07 11:49:27 ----D---- C:\ProgramData\PMB Files
2012-01-07 11:49:08 ----D---- C:\Program Files (x86)\Pando Networks
2012-01-05 22:51:10 ----D---- C:\Program Files (x86)\Apple Software Update
2012-01-05 20:19:37 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2012-01-05 20:19:36 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2012-01-05 20:19:36 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2012-01-05 20:19:36 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2012-01-05 20:19:36 ----A---- C:\Windows\system32\ativvsvl.dat
2012-01-05 20:19:36 ----A---- C:\Windows\system32\ativvsva.dat
2012-01-05 20:19:36 ----A---- C:\Windows\system32\atiumd6a.dll
2012-01-05 20:19:36 ----A---- C:\Windows\system32\atiumd64.dll
2012-01-05 20:19:36 ----A---- C:\Windows\system32\atiu9p64.dll
2012-01-05 20:19:36 ----A---- C:\Windows\system32\atipblag.dat
2012-01-02 20:05:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-12-29 13:02:02 ----RA---- C:\Windows\SYSWOW64\tmp3968.tmp
2011-12-29 13:02:02 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-12-29 13:02:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-12-29 13:02:01 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-12-29 13:02:01 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-12-29 13:02:01 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-12-29 13:02:01 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-12-29 13:02:01 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-12-29 13:02:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-12-29 12:59:28 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2011-12-29 12:59:16 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2011-12-29 12:59:16 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2011-12-29 12:59:15 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2011-12-29 12:10:01 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-29 12:10:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-29 12:04:50 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-29 12:04:50 ----A---- C:\Windows\system32\EncDec.dll
2011-12-29 12:04:45 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-29 12:04:45 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 3 months======
2012-03-07 20:10:34 ----RD---- C:\Program Files
2012-03-07 20:10:21 ----D---- C:\Windows\Temp
2012-03-07 20:03:21 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2012-03-07 19:56:43 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2012-03-07 18:57:16 ----D---- C:\Windows\system32\catroot2
2012-03-07 18:55:57 ----D---- C:\Program Files (x86)\SpeedFan
2012-03-07 18:54:52 ----D---- C:\Windows\system32\config
2012-03-06 20:53:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-06 20:48:10 ----D---- C:\Windows
2012-03-06 20:45:48 ----D---- C:\Windows\SysWOW64
2012-03-06 20:45:48 ----D---- C:\Windows\System32
2012-03-06 20:43:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-03-06 20:39:19 ----D---- C:\Windows\system32\drivers
2012-03-06 20:39:19 ----D---- C:\Windows\system32\catroot
2012-03-06 20:39:19 ----D---- C:\Windows\inf
2012-03-06 20:39:18 ----D---- C:\Windows\system32\DriverStore
2012-03-06 20:37:43 ----D---- C:\Windows\Prefetch
2012-03-06 20:19:44 ----D---- C:\Windows\Downloaded Program Files
2012-03-06 20:16:29 ----HD---- C:\ProgramData
2012-03-06 20:13:13 ----D---- C:\Program Files (x86)\Common Files
2012-03-06 20:13:12 ----RD---- C:\Program Files (x86)
2012-03-06 20:11:50 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-03-06 20:11:50 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-03-06 20:11:50 ----A---- C:\Windows\system32\wrap_oal.dll
2012-03-06 20:11:50 ----A---- C:\Windows\system32\OpenAL32.dll
2012-03-06 17:35:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-06 17:33:37 ----D---- C:\Users\Jirka\AppData\Roaming\Media Player Classic
2012-03-05 20:47:04 ----D---- C:\Users\Jirka\AppData\Roaming\Winamp
2012-03-05 20:07:51 ----SHD---- C:\Windows\Installer
2012-03-05 20:07:24 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-03-05 19:14:57 ----RSD---- C:\Windows\assembly
2012-03-05 18:54:27 ----D---- C:\Windows\debug
2012-03-05 18:41:22 ----D---- C:\Windows\system32\Tasks
2012-03-02 19:20:02 ----RD---- C:\Program Files (x86)\Skype
2012-03-02 19:19:57 ----D---- C:\ProgramData\Skype
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-21 17:22:56 ----D---- C:\Windows\Microsoft.NET
2012-02-20 17:21:11 ----D---- C:\Windows\winsxs
2012-02-20 17:18:53 ----D---- C:\Windows\SYSWOW64\migration
2012-02-20 17:18:53 ----D---- C:\Windows\system32\migration
2012-02-20 17:18:53 ----D---- C:\Program Files\Internet Explorer
2012-02-20 17:18:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-20 17:18:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-16 23:29:09 ----D---- C:\ProgramData\Microsoft Help
2012-02-16 23:27:39 ----A---- C:\Windows\system32\MRT.exe
2012-02-15 22:54:02 ----D---- C:\Windows\system32\NDF
2012-02-12 20:17:59 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2012-02-02 19:17:30 ----D---- C:\Program Files\ATI Technologies
2012-02-02 19:17:01 ----D---- C:\ProgramData\AMD
2012-01-24 18:15:25 ----D---- C:\Users\Jirka\AppData\Roaming\Mozilla
2012-01-12 20:16:33 ----D---- C:\Windows\ehome
2012-01-02 20:26:35 ----D---- C:\Windows\system32\drivers\etc
2011-12-29 17:21:02 ----D---- C:\Windows\rescache
2011-12-29 14:24:41 ----D---- C:\Program Files\Common Files\System
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\sl-SI
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\ro-RO
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\pt-BR
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\pl-PL
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\nb-NO
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\fr-FR
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\fi-FI
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\en-US
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\el-GR
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-12-29 14:15:09 ----D---- C:\Windows\SYSWOW64\ar-SA
2011-12-29 14:15:08 ----D---- C:\Windows\SYSWOW64\th-TH
2011-12-29 14:15:08 ----D---- C:\Windows\SYSWOW64\hu-HU
2011-12-29 14:15:08 ----D---- C:\Windows\system32\th-TH
2011-12-29 14:15:08 ----D---- C:\Windows\system32\sr-Latn-CS
2011-12-29 14:15:08 ----D---- C:\Windows\system32\sl-SI
2011-12-29 14:15:08 ----D---- C:\Windows\system32\sk-SK
2011-12-29 14:15:08 ----D---- C:\Windows\system32\ro-RO
2011-12-29 14:15:08 ----D---- C:\Windows\system32\pt-BR
2011-12-29 14:15:08 ----D---- C:\Windows\system32\pl-PL
2011-12-29 14:15:08 ----D---- C:\Windows\system32\nb-NO
2011-12-29 14:15:08 ----D---- C:\Windows\system32\hu-HU
2011-12-29 14:15:08 ----D---- C:\Windows\system32\fr-FR
2011-12-29 14:15:08 ----D---- C:\Windows\system32\fi-FI
2011-12-29 14:15:08 ----D---- C:\Windows\system32\en-US
2011-12-29 14:15:08 ----D---- C:\Windows\system32\el-GR
2011-12-29 14:15:08 ----D---- C:\Windows\system32\cs-CZ
2011-12-29 14:15:08 ----D---- C:\Windows\system32\ar-SA
2011-12-29 13:02:07 ----D---- C:\Program Files (x86)\BRS
2011-12-29 13:00:00 ----D---- C:\Users\Jirka\AppData\Roaming\Real
2011-12-29 12:59:11 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2011-12-29 12:53:36 ----HD---- C:\temp
2011-12-29 12:38:18 ----D---- C:\Program Files\Common Files\LogiShrd
2011-12-29 12:37:10 ----D---- C:\ProgramData\Logishrd
2011-12-29 12:37:09 ----D---- C:\Program Files\Logitech
2011-12-28 16:41:09 ----D---- C:\Program Files (x86)\rFactor
2011-12-22 19:28:48 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-18 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2011-08-11 3852976]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-12-06 327168]
R3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2011-09-13 1588608]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-04-30 42776]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SliceDisk5;SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-12-06 235520]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
R2 AMD_RAIDXpert;AMD RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DvmMDES;DeviceVM Meta Data Export Service; D:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 MagicTuneEngine;MagicTuneEngine; C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe [2007-08-23 45056]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SBSDWSCService;SBSD Security Center Service; D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2011-08-11 551896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-03-06 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-06 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2012-03-06 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-01-20 326792]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2009-09-28 120640]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2008-08-11 57920]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomalý PC, některé web stránky se nenačítají nebo pomalu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartute PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\Users\Jirka\AppData\Local\Google\Update
C:\Program Files (x86)\Google\Common\Google Updater
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-371625170-755913128-1498929702-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-371625170-755913128-1498929702-1000UA.job
C:\Users\Jirka\AppData\Local\Google\Update
C:\Program Files (x86)\Common Files\Spigot
:services
gusvc
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
-[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Děkuju za rychlou odpověď. Zde je nový RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2012-03-11 22:29:15
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 2 GB (5%) free of 50 GB
Total RAM: 8191 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29:31, on 11.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Windows\TEMP\SKYBCAB.tmp
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "d:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C79A55E7-1FA5-4FD5-9E1C-FAFEFC95DBFA}: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - D:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12224 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e4
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {349C139C-C279-4AAD-ADCD-FE668B428F40}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe" -s
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe"
\??\C:\Windows\system32\conhost.exe "1627621086-1465226832-1136468499-846547628-6588131081672657894662175494260464349
"D:\ASUS.SYS\config\DVMExportService.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\rundll32.exe" sbavmon.dll,SBAVMonitor
"C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"D:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
"C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3804
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
KHALMNPR.EXE /API
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\TEMP\SKYBCAB.tmp" /LANG=cs /QUIET
"D:\Downloads\RSITx64.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding 81A4BAC9CEDF421524F3912EC7FC2985
C:\Windows\syswow64\MsiExec.exe -Embedding C151F8714EDCC04D27B827315F5C3DA0 M Global\MSI0000
"C:\Program Files\Alwil Software\Avast5\defs\12030700\Sf.bin" -f"\\.\aswMonFltProxy\FFFFFA8008DEF9B0" -I0000004768 -O0000004772 -F0000004776 -t00003000 -p"000004EC01CF4DF0" -m
=========Mozilla firefox=========
ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/ig"
prefs.js - "extensions.enabledItems" - "{097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.10, firegestures@xuldev.org:1.6.5, {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.4, LogMeInClient@logmein.com:1.0.0.608, personas@christopher.beard:1.6.2, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.1, {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1, DTToolbar@toolbarnet.com:1.1.8.0191, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =302398&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default\extensions\
DTToolbar@toolbarnet.com
LogMeInClient@logmein.com
personas@christopher.beard
{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default\searchplugins\
daemon-search.xml
qipsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-29 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-05 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-05 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]
"Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe [2012-03-06 741240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMDownloading your update...1285781003180]
c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe c:\programdata\corel\downloads\540215253_610005\1285781003180\dim_params.xml -Launch=3 -uibase=c:\users\jirka\appdata\roaming\corel\messages\540215253_610005\en\messagecache1\workflow []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\QIP Infium JadrisPack\infium.exe /autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /nosplash /minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-29 296056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
C:\PROGRA~2\MAGICT~1\GAMMAT~1.EXE [2007-01-15 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2009-12-03 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Game Alarm.lnk]
C:\Games\Game Alarm\gamealarm.exe -silent 2 []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-29 296056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-12-05 343168]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"VolPanel"=d:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [2010-02-18 241789]
"Module Loader"=C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-23 57344]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-03-11 22:29:26 ----SHD---- C:\Config.Msi
2012-03-11 22:24:21 ----D---- C:\_OTM
2012-03-08 17:43:22 ----D---- C:\Users\Jirka\AppData\Roaming\AIMP3
2012-03-07 20:52:35 ----D---- C:\ProgramData\Creative Labs
2012-03-07 20:10:34 ----D---- C:\Program Files\trend micro
2012-03-07 20:10:33 ----D---- C:\rsit
2012-03-06 20:48:10 ----A---- C:\Windows\sbwin.ini
2012-03-06 20:16:29 ----D---- C:\ProgramData\Creative
2012-03-06 20:13:12 ----HD---- C:\Program Files (x86)\Creative Installation Information
2012-03-06 20:12:42 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\system32\CmdRtr64.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\system32\APOMgr64.DLL
2012-03-06 20:12:19 ----A---- C:\Windows\system32\kschimp.ini
2012-03-06 20:12:11 ----A---- C:\Windows\SYSWOW64\KSVSPI32.dll
2012-03-06 20:12:11 ----A---- C:\Windows\SYSWOW64\KSAPO32.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\SBAVMon.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSWrap64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSVSPI64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSppld64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSPPCn64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KsDvInst.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSDGFX64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSAPO64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\JDetect.exe
2012-03-06 20:12:11 ----A---- C:\Windows\KSAIM64.exe
2012-03-06 20:12:11 ----A---- C:\ProgramData\cfSB1095.ini
2012-03-06 20:11:50 ----RA---- C:\Windows\SYSWOW64\tmpC601.tmp
2012-03-06 20:11:46 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2012-03-06 20:11:46 ----N---- C:\Windows\system32\Sens_oal.dll
2012-03-06 20:11:39 ----D---- C:\Users\Jirka\AppData\Roaming\Creative
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\CTOPT399.dll
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\CTChkAud.dll
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\AddCat.exe
2012-03-06 20:11:32 ----N---- C:\Windows\system32\CTOPT399.dll
2012-03-06 20:11:32 ----N---- C:\Windows\system32\CTChkAud.dll
2012-03-06 20:11:32 ----N---- C:\Windows\system32\AddCat.exe
2012-03-06 20:11:27 ----N---- C:\Windows\Ctregrun.exe
2012-03-06 20:09:57 ----D---- C:\Program Files\Creative
2012-03-06 20:09:52 ----D---- C:\Program Files (x86)\Creative
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\java.exe
2012-03-01 17:18:37 ----D---- C:\Windows\system32\Macromed
2012-02-16 23:29:02 ----SHD---- C:\Windows\SYSWOW64\%APPDATA%
2012-02-16 17:51:58 ----A---- C:\Windows\system32\shell32.dll
2012-02-16 17:51:56 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-16 17:51:55 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-16 17:51:55 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-16 17:51:52 ----A---- C:\Windows\system32\win32k.sys
2012-02-16 17:51:40 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-16 17:51:38 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-16 17:51:38 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 17:51:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-16 17:51:33 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 17:51:31 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 17:51:30 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 17:51:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-16 17:51:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-16 17:51:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-16 17:51:27 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\msfeeds.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\url.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\jsproxy.dll
======List of files/folders modified in the last 1 month======
2012-03-11 22:29:30 ----D---- C:\Windows\Prefetch
2012-03-11 22:29:26 ----SHD---- C:\Windows\Installer
2012-03-11 22:29:26 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2012-03-11 22:28:24 ----D---- C:\Windows\Temp
2012-03-11 22:27:52 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2012-03-11 22:27:51 ----D---- C:\Program Files (x86)\SpeedFan
2012-03-11 22:26:37 ----D---- C:\Windows\system32\config
2012-03-11 22:25:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-11 22:24:25 ----D---- C:\Windows\Tasks
2012-03-11 22:24:23 ----RD---- C:\Program Files (x86)
2012-03-11 18:14:39 ----D---- C:\Windows\System32
2012-03-11 18:14:39 ----D---- C:\Windows\inf
2012-03-11 18:14:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-09 19:07:57 ----D---- C:\Users\Jirka\AppData\Roaming\Media Player Classic
2012-03-09 18:04:27 ----D---- C:\Windows\SYSWOW64\Adobe
2012-03-09 16:30:41 ----D---- C:\Windows
2012-03-09 16:11:31 ----D---- C:\Windows\system32\drivers
2012-03-09 15:51:46 ----D---- C:\Windows\system32\DriverStore
2012-03-09 15:51:46 ----D---- C:\Windows\system32\catroot
2012-03-08 22:22:50 ----D---- C:\Users\Jirka\AppData\Roaming\Mozilla
2012-03-08 19:08:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-03-08 19:08:35 ----D---- C:\Windows\SysWOW64
2012-03-08 17:48:11 ----D---- C:\Users\Jirka\AppData\Roaming\Winamp
2012-03-08 17:38:52 ----D---- C:\Windows\system32\LogFiles
2012-03-08 17:21:56 ----RD---- C:\Program Files (x86)\Skype
2012-03-08 17:21:40 ----D---- C:\Program Files (x86)\Common Files
2012-03-08 17:21:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-03-08 17:19:43 ----HD---- C:\ProgramData
2012-03-08 17:19:07 ----D---- C:\Program Files (x86)\Cyklotrasy
2012-03-07 20:10:34 ----RD---- C:\Program Files
2012-03-07 18:57:16 ----D---- C:\Windows\system32\catroot2
2012-03-06 20:19:44 ----D---- C:\Windows\Downloaded Program Files
2012-03-06 20:11:50 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-03-06 20:11:50 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-03-06 20:11:50 ----A---- C:\Windows\system32\wrap_oal.dll
2012-03-06 20:11:50 ----A---- C:\Windows\system32\OpenAL32.dll
2012-03-05 20:07:24 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-03-05 19:14:57 ----RSD---- C:\Windows\assembly
2012-03-05 18:54:27 ----D---- C:\Windows\debug
2012-03-05 18:41:22 ----D---- C:\Windows\system32\Tasks
2012-03-02 19:19:57 ----D---- C:\ProgramData\Skype
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-21 17:22:56 ----D---- C:\Windows\Microsoft.NET
2012-02-20 17:21:11 ----D---- C:\Windows\winsxs
2012-02-20 17:18:53 ----D---- C:\Windows\SYSWOW64\migration
2012-02-20 17:18:53 ----D---- C:\Windows\system32\migration
2012-02-20 17:18:53 ----D---- C:\Program Files\Internet Explorer
2012-02-20 17:18:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-20 17:18:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-16 23:29:09 ----D---- C:\ProgramData\Microsoft Help
2012-02-16 23:27:39 ----A---- C:\Windows\system32\MRT.exe
2012-02-15 22:54:02 ----D---- C:\Windows\system32\NDF
2012-02-12 20:17:59 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-18 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-12-06 327168]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2011-09-13 1588608]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
S3 ax7mqk1g;ax7mqk1g; C:\Windows\system32\drivers\ax7mqk1g.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-04-30 42776]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SliceDisk5;SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-12-06 235520]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
R2 AMD_RAIDXpert;AMD RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DvmMDES;DeviceVM Meta Data Export Service; D:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 MagicTuneEngine;MagicTuneEngine; C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe [2007-08-23 45056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-03-06 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-06 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2012-03-06 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2009-09-28 120640]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2008-08-11 57920]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2012-03-11 22:29:15
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 2 GB (5%) free of 50 GB
Total RAM: 8191 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29:31, on 11.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Windows\TEMP\SKYBCAB.tmp
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "d:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C79A55E7-1FA5-4FD5-9E1C-FAFEFC95DBFA}: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - D:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12224 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e4
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {349C139C-C279-4AAD-ADCD-FE668B428F40}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe" -s
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe"
\??\C:\Windows\system32\conhost.exe "1627621086-1465226832-1136468499-846547628-6588131081672657894662175494260464349
"D:\ASUS.SYS\config\DVMExportService.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\rundll32.exe" sbavmon.dll,SBAVMonitor
"C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"D:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
"C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3804
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
KHALMNPR.EXE /API
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\TEMP\SKYBCAB.tmp" /LANG=cs /QUIET
"D:\Downloads\RSITx64.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding 81A4BAC9CEDF421524F3912EC7FC2985
C:\Windows\syswow64\MsiExec.exe -Embedding C151F8714EDCC04D27B827315F5C3DA0 M Global\MSI0000
"C:\Program Files\Alwil Software\Avast5\defs\12030700\Sf.bin" -f"\\.\aswMonFltProxy\FFFFFA8008DEF9B0" -I0000004768 -O0000004772 -F0000004776 -t00003000 -p"000004EC01CF4DF0" -m
=========Mozilla firefox=========
ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/ig"
prefs.js - "extensions.enabledItems" - "{097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.10, firegestures@xuldev.org:1.6.5, {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.4, LogMeInClient@logmein.com:1.0.0.608, personas@christopher.beard:1.6.2, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.1, {5F590AA2-1221-4113-A6F4-A4BB62414FAC}:0.45.6.20100202.1, DTToolbar@toolbarnet.com:1.1.8.0191, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =302398&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default\extensions\
DTToolbar@toolbarnet.com
LogMeInClient@logmein.com
personas@christopher.beard
{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\13m1skca.default\searchplugins\
daemon-search.xml
qipsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-29 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-05 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-05 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]
"Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Jirka\AppData\Roaming\uTorrent\utorrent.exe [2012-03-06 741240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIMDownloading your update...1285781003180]
c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe c:\programdata\corel\downloads\540215253_610005\1285781003180\dim_params.xml -Launch=3 -uibase=c:\users\jirka\appdata\roaming\corel\messages\540215253_610005\en\messagecache1\workflow []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\QIP Infium JadrisPack\infium.exe /autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2008-08-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /nosplash /minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-29 296056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
C:\PROGRA~2\MAGICT~1\GAMMAT~1.EXE [2007-01-15 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2009-12-03 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Game Alarm.lnk]
C:\Games\Game Alarm\gamealarm.exe -silent 2 []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-29 296056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-12-05 343168]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"VolPanel"=d:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [2010-02-18 241789]
"Module Loader"=C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-23 57344]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]
C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-03-11 22:29:26 ----SHD---- C:\Config.Msi
2012-03-11 22:24:21 ----D---- C:\_OTM
2012-03-08 17:43:22 ----D---- C:\Users\Jirka\AppData\Roaming\AIMP3
2012-03-07 20:52:35 ----D---- C:\ProgramData\Creative Labs
2012-03-07 20:10:34 ----D---- C:\Program Files\trend micro
2012-03-07 20:10:33 ----D---- C:\rsit
2012-03-06 20:48:10 ----A---- C:\Windows\sbwin.ini
2012-03-06 20:16:29 ----D---- C:\ProgramData\Creative
2012-03-06 20:13:12 ----HD---- C:\Program Files (x86)\Creative Installation Information
2012-03-06 20:12:42 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\system32\CmdRtr64.DLL
2012-03-06 20:12:42 ----A---- C:\Windows\system32\APOMgr64.DLL
2012-03-06 20:12:19 ----A---- C:\Windows\system32\kschimp.ini
2012-03-06 20:12:11 ----A---- C:\Windows\SYSWOW64\KSVSPI32.dll
2012-03-06 20:12:11 ----A---- C:\Windows\SYSWOW64\KSAPO32.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\SBAVMon.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSWrap64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSVSPI64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSppld64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSPPCn64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KsDvInst.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSDGFX64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\KSAPO64.dll
2012-03-06 20:12:11 ----A---- C:\Windows\system32\JDetect.exe
2012-03-06 20:12:11 ----A---- C:\Windows\KSAIM64.exe
2012-03-06 20:12:11 ----A---- C:\ProgramData\cfSB1095.ini
2012-03-06 20:11:50 ----RA---- C:\Windows\SYSWOW64\tmpC601.tmp
2012-03-06 20:11:46 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2012-03-06 20:11:46 ----N---- C:\Windows\system32\Sens_oal.dll
2012-03-06 20:11:39 ----D---- C:\Users\Jirka\AppData\Roaming\Creative
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\CTOPT399.dll
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\CTChkAud.dll
2012-03-06 20:11:32 ----N---- C:\Windows\SYSWOW64\AddCat.exe
2012-03-06 20:11:32 ----N---- C:\Windows\system32\CTOPT399.dll
2012-03-06 20:11:32 ----N---- C:\Windows\system32\CTChkAud.dll
2012-03-06 20:11:32 ----N---- C:\Windows\system32\AddCat.exe
2012-03-06 20:11:27 ----N---- C:\Windows\Ctregrun.exe
2012-03-06 20:09:57 ----D---- C:\Program Files\Creative
2012-03-06 20:09:52 ----D---- C:\Program Files (x86)\Creative
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-03-05 20:07:28 ----A---- C:\Windows\SYSWOW64\java.exe
2012-03-01 17:18:37 ----D---- C:\Windows\system32\Macromed
2012-02-16 23:29:02 ----SHD---- C:\Windows\SYSWOW64\%APPDATA%
2012-02-16 17:51:58 ----A---- C:\Windows\system32\shell32.dll
2012-02-16 17:51:56 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-16 17:51:55 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-16 17:51:55 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-16 17:51:52 ----A---- C:\Windows\system32\win32k.sys
2012-02-16 17:51:40 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-16 17:51:38 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-16 17:51:38 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 17:51:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-16 17:51:33 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 17:51:31 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 17:51:30 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 17:51:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-16 17:51:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-16 17:51:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-16 17:51:27 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-16 17:51:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\msfeeds.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 17:51:26 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-16 17:51:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\url.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 17:51:25 ----A---- C:\Windows\system32\jsproxy.dll
======List of files/folders modified in the last 1 month======
2012-03-11 22:29:30 ----D---- C:\Windows\Prefetch
2012-03-11 22:29:26 ----SHD---- C:\Windows\Installer
2012-03-11 22:29:26 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2012-03-11 22:28:24 ----D---- C:\Windows\Temp
2012-03-11 22:27:52 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2012-03-11 22:27:51 ----D---- C:\Program Files (x86)\SpeedFan
2012-03-11 22:26:37 ----D---- C:\Windows\system32\config
2012-03-11 22:25:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-11 22:24:25 ----D---- C:\Windows\Tasks
2012-03-11 22:24:23 ----RD---- C:\Program Files (x86)
2012-03-11 18:14:39 ----D---- C:\Windows\System32
2012-03-11 18:14:39 ----D---- C:\Windows\inf
2012-03-11 18:14:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-09 19:07:57 ----D---- C:\Users\Jirka\AppData\Roaming\Media Player Classic
2012-03-09 18:04:27 ----D---- C:\Windows\SYSWOW64\Adobe
2012-03-09 16:30:41 ----D---- C:\Windows
2012-03-09 16:11:31 ----D---- C:\Windows\system32\drivers
2012-03-09 15:51:46 ----D---- C:\Windows\system32\DriverStore
2012-03-09 15:51:46 ----D---- C:\Windows\system32\catroot
2012-03-08 22:22:50 ----D---- C:\Users\Jirka\AppData\Roaming\Mozilla
2012-03-08 19:08:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-03-08 19:08:35 ----D---- C:\Windows\SysWOW64
2012-03-08 17:48:11 ----D---- C:\Users\Jirka\AppData\Roaming\Winamp
2012-03-08 17:38:52 ----D---- C:\Windows\system32\LogFiles
2012-03-08 17:21:56 ----RD---- C:\Program Files (x86)\Skype
2012-03-08 17:21:40 ----D---- C:\Program Files (x86)\Common Files
2012-03-08 17:21:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-03-08 17:19:43 ----HD---- C:\ProgramData
2012-03-08 17:19:07 ----D---- C:\Program Files (x86)\Cyklotrasy
2012-03-07 20:10:34 ----RD---- C:\Program Files
2012-03-07 18:57:16 ----D---- C:\Windows\system32\catroot2
2012-03-06 20:19:44 ----D---- C:\Windows\Downloaded Program Files
2012-03-06 20:11:50 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-03-06 20:11:50 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-03-06 20:11:50 ----A---- C:\Windows\system32\wrap_oal.dll
2012-03-06 20:11:50 ----A---- C:\Windows\system32\OpenAL32.dll
2012-03-05 20:07:24 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-03-05 19:14:57 ----RSD---- C:\Windows\assembly
2012-03-05 18:54:27 ----D---- C:\Windows\debug
2012-03-05 18:41:22 ----D---- C:\Windows\system32\Tasks
2012-03-02 19:19:57 ----D---- C:\ProgramData\Skype
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-21 17:22:56 ----D---- C:\Windows\Microsoft.NET
2012-02-20 17:21:11 ----D---- C:\Windows\winsxs
2012-02-20 17:18:53 ----D---- C:\Windows\SYSWOW64\migration
2012-02-20 17:18:53 ----D---- C:\Windows\system32\migration
2012-02-20 17:18:53 ----D---- C:\Program Files\Internet Explorer
2012-02-20 17:18:53 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-20 17:18:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-16 23:29:09 ----D---- C:\ProgramData\Microsoft Help
2012-02-16 23:27:39 ----A---- C:\Windows\system32\MRT.exe
2012-02-15 22:54:02 ----D---- C:\Windows\system32\NDF
2012-02-12 20:17:59 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-18 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-08-11 72216]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-12-06 327168]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2011-09-13 1588608]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-08-11 11552]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-12-06 10720256]
S3 ax7mqk1g;ax7mqk1g; C:\Windows\system32\drivers\ax7mqk1g.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2011-04-30 42776]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SliceDisk5;SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-12-06 235520]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
R2 AMD_RAIDXpert;AMD RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DvmMDES;DeviceVM Meta Data Export Service; D:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 MagicTuneEngine;MagicTuneEngine; C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe [2007-08-23 45056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-03-06 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-03-06 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2012-03-06 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2009-04-22 124256]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2009-09-28 120640]
S4 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2008-08-11 57920]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Dvouklikem na soubor C:\Program Files\trend micro\Jirka.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
a klikněte na >FixChecked<. Restartujte PC.R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ...
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Dobrý den,
děkuju, provedeno.
Mám ale nový problém, včera se mi během hraní hry vypnul monitor. Od té chvíle vždy při restartu při spouštění Windows 7 zhasne. Přitom systém normálně naběhne. Monitor funguje pouze v nouzovém režimu. Stáhnul jsem a nainstaloval nejnovější ovladače ATI Radeon HD 5770, což nepomohlo. Prosím o radu. O hardware problém s grafikou se asi nejedná, když funguje v nouzovém režimu, ne?
Předem díky za rychlou odpověď.
děkuju, provedeno.
Mám ale nový problém, včera se mi během hraní hry vypnul monitor. Od té chvíle vždy při restartu při spouštění Windows 7 zhasne. Přitom systém normálně naběhne. Monitor funguje pouze v nouzovém režimu. Stáhnul jsem a nainstaloval nejnovější ovladače ATI Radeon HD 5770, což nepomohlo. Prosím o radu. O hardware problém s grafikou se asi nejedná, když funguje v nouzovém režimu, ne?
Předem díky za rychlou odpověď.
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Zkuste obnovu systému k datu, kdy korektně fungoval. S tím, co jsme mazali, by to nemělo mít nic společného.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Tak problém byl banální, grafika posílala signál do vypnuté TV přes HDMI. Odpojil jsem HDMI kabel a je to ok.
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý PC, některé web stránky se nenačítají nebo pomalu
Tak to jsem opravdu nemohl vědět.Jerzi píše:Tak problém byl banální, grafika posílala signál do vypnuté TV přes HDMI. Odpojil jsem HDMI kabel a je to ok.
Hlavně, že to je OK.Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?