pomaly notas

[mavako]

Hodne se mi zpomaluje notas, postupne se zpomaluje az me to donuti restartovat a znova cekat az se za....
Prosim o pomoc
Dekuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Iveta at 2012-11-18 14:49:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (8%) free of 288 GB
Total RAM: 2927 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:49:32, on 18.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files\trend micro\Iveta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13087 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
winlogon.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
C:\windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\Explorer.EXE
WLIDSvcM.exe 2264
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Combo: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>632472192</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2364.afb4b00.800157937 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2364 "\\.\pipe\gecko-crash-server-pipe.2364" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --proxy-stub-channel=Flash1092.6C5D3AA0.41 --host-broker-channel=Flash1092.6C5D3AA0.18467 --host-pid=1092 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --channel=6092.0045F8C8.1856773308 --proxy-stub-channel=Flash1092.6C5D3AA0.41 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {CE7537F7-F53D-428D-B076-06996AA276DE}
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Iveta\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-930483831-902529386-340292010-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-930483831-902529386-340292010-1002UA.job
C:\windows\tasks\HPCeeScheduleForIveta.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.2.9&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-24 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-24 391192]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-24 410648]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-17 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-08 4030008]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]

C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-18 14:44:28 ----D---- C:\rsit
2012-11-18 14:44:28 ----D---- C:\Program Files\trend micro
2012-11-13 23:39:11 ----A---- C:\windows\system32\Wdfres.dll
2012-11-13 23:39:11 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-13 23:39:11 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-13 23:30:19 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-13 23:30:19 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-13 23:30:18 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-13 23:30:18 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-13 23:30:17 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-13 23:30:15 ----A---- C:\windows\system32\WUDFx.dll
2012-11-13 23:30:15 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-13 23:29:29 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-13 23:29:29 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-13 23:29:29 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-13 23:29:29 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-13 23:29:25 ----A---- C:\windows\system32\win32k.sys
2012-11-13 23:28:55 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-13 23:28:55 ----A---- C:\windows\system32\synceng.dll
2012-11-13 23:28:51 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-13 23:28:51 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\nlasvc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\netcorehc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\ncsi.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-13 23:28:50 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-13 23:28:50 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\nlaapi.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\netevent.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\wextract.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\webcheck.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msrating.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msls31.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\inseng.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iexpress.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iesetup.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iernonce.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iepeers.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieakeng.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ie4uinit.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\icardie.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\occache.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshta.exe
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\imgutil.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieakui.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieaksie.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\admparse.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\wininet.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\urlmon.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\pngfilt.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\occache.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\msrating.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\msls31.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshtmler.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshtml.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshta.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\msfeedssync.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\msfeedsbs.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jsproxy.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jscript9.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jscript.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\imgutil.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieui.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iesysprep.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iertutil.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iepeers.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieakui.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieaksie.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieakeng.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\IEAdvpack.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\admparse.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\iesetup.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\iernonce.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieframe.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieapfltr.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieapfltr.dat
2012-11-13 22:58:52 ----A---- C:\windows\system32\ie4uinit.exe
2012-11-13 22:58:52 ----A---- C:\windows\system32\icardie.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\dxtrans.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\dxtmsft.dll
2012-11-13 22:58:50 ----A---- C:\windows\system32\url.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\wextract.exe
2012-11-13 22:58:49 ----A---- C:\windows\system32\webcheck.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\vbscript.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\mshtmled.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\msfeeds.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\licmgr10.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\inseng.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\iexpress.exe
2012-11-13 22:58:49 ----A---- C:\windows\system32\iedkcs32.dll
2012-11-13 22:56:50 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-13 22:56:50 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-13 22:56:50 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-13 22:56:49 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2012-11-13 22:56:49 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\aaclient.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\wksprtPS.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\TSWbPrxy.exe
2012-11-13 22:56:47 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\tsgqec.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\rdpudd.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\rdpendp_winip.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\aaclient.dll
2012-11-13 22:56:46 ----A---- C:\windows\SYSWOW64\mstsc.exe
2012-11-13 22:56:46 ----A---- C:\windows\system32\wksprt.exe
2012-11-13 22:56:46 ----A---- C:\windows\system32\rdpcorets.dll
2012-11-13 22:56:46 ----A---- C:\windows\system32\mstsc.exe
2012-11-13 22:56:45 ----A---- C:\windows\SYSWOW64\mstscax.dll
2012-11-13 22:56:44 ----A---- C:\windows\system32\mstscax.dll
2012-11-13 22:55:46 ----A---- C:\windows\SYSWOW64\qdvd.dll
2012-11-13 22:55:46 ----A---- C:\windows\system32\qdvd.dll
2012-11-13 22:55:45 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-11-13 22:55:45 ----A---- C:\windows\system32\schannel.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\ncrypt.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\lsasrv.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-11-13 22:55:44 ----A---- C:\windows\system32\drivers\cng.sys
2012-10-29 10:52:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-19 19:15:49 ----D---- C:\Program Files (x86)\ZAV1

======List of files/folders modified in the last 1 month======

2012-11-18 14:49:31 ----D---- C:\windows\Temp
2012-11-18 14:49:25 ----D---- C:\windows\Prefetch
2012-11-18 14:44:28 ----RD---- C:\Program Files
2012-11-18 14:42:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-18 13:02:14 ----D---- C:\windows\System32
2012-11-18 13:02:14 ----D---- C:\windows\inf
2012-11-18 13:02:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-11-18 12:52:10 ----D---- C:\windows\system32\config
2012-11-18 12:39:52 ----SHD---- C:\System Volume Information
2012-11-18 10:26:12 ----D---- C:\Users\Iveta\AppData\Roaming\Dropbox
2012-11-18 10:25:50 ----D---- C:\windows\system32\catroot2
2012-11-18 10:25:31 ----A---- C:\windows\SYSWOW64\log.txt
2012-11-17 20:41:37 ----D---- C:\Users\Iveta\AppData\Roaming\Skype
2012-11-14 15:02:38 ----D---- C:\windows\rescache
2012-11-14 14:44:34 ----RSD---- C:\windows\assembly
2012-11-14 14:44:34 ----D---- C:\windows\Microsoft.NET
2012-11-14 00:05:30 ----D---- C:\windows\winsxs
2012-11-14 00:03:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2012-11-14 00:03:08 ----D---- C:\windows\SysWOW64
2012-11-14 00:03:08 ----D---- C:\windows\system32\drivers\cs-CZ
2012-11-14 00:03:08 ----D---- C:\windows\system32\cs-CZ
2012-11-14 00:03:07 ----D---- C:\windows\SYSWOW64\migration
2012-11-14 00:03:07 ----D---- C:\windows\system32\wbem
2012-11-14 00:03:07 ----D---- C:\windows\system32\migration
2012-11-14 00:03:07 ----D---- C:\windows\system32\drivers
2012-11-14 00:03:06 ----RSD---- C:\windows\Fonts
2012-11-13 23:43:19 ----SHD---- C:\windows\Installer
2012-11-13 23:39:22 ----D---- C:\windows\system32\catroot
2012-11-13 23:31:08 ----D---- C:\windows\debug
2012-11-13 23:31:04 ----A---- C:\windows\system32\MRT.exe
2012-11-13 23:14:11 ----D---- C:\Windows
2012-11-13 23:11:52 ----D---- C:\Program Files\Internet Explorer
2012-11-13 23:11:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-13 23:11:50 ----D---- C:\windows\SYSWOW64\en-US
2012-11-13 23:11:50 ----D---- C:\windows\system32\en-US
2012-11-13 23:11:50 ----D---- C:\windows\PolicyDefinitions
2012-11-13 23:11:49 ----D---- C:\windows\SYSWOW64\wbem
2012-11-13 23:11:48 ----D---- C:\windows\system32\drivers\en-US
2012-11-13 23:11:47 ----D---- C:\windows\system32\DriverStore
2012-11-13 23:00:05 ----D---- C:\windows\Logs
2012-11-13 19:25:14 ----D---- C:\windows\system32\NDF
2012-11-13 07:35:15 ----D---- C:\ProgramData\PDFC
2012-11-02 10:23:15 ----D---- C:\ProgramData\Skype
2012-10-29 11:42:40 ----RD---- C:\Program Files (x86)
2012-10-28 14:44:43 ----D---- C:\Program Files\Hewlett-Packard
2012-10-28 14:44:34 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-10-28 14:44:32 ----D---- C:\windows\SYSWOW64\cs
2012-10-28 14:44:32 ----D---- C:\windows\system32\cs
2012-10-28 14:43:05 ----D---- C:\windows\SYSWOW64\drivers
2012-10-28 14:39:05 ----D---- C:\ProgramData\HPQLOG
2012-10-28 14:36:40 ----D---- C:\windows\SYSWOW64\pt-BR
2012-10-28 14:36:40 ----D---- C:\windows\system32\pt-BR
2012-10-28 14:25:58 ----D---- C:\windows\Minidump
2012-10-28 14:19:01 ----D---- C:\ProgramData\McAfee
2012-10-28 14:19:01 ----D---- C:\Program Files (x86)\Common Files
2012-10-28 14:16:56 ----HD---- C:\ProgramData
2012-10-28 14:16:02 ----D---- C:\ProgramData\Hewlett-Packard
2012-10-28 14:14:14 ----D---- C:\windows\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2006-10-18 52760]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-02-09 834544]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-03-17 1594368]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 mvusbews;USB EWS Device; C:\windows\System32\Drivers\mvusbews.sys [2010-04-28 20480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-29 127800]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-20 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-20 647680]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-29 115168]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-02-11 1255736]

-----------------EOF-----------------



DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by Iveta at 14:50:34 on 2012-11-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2927.1200 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
C:\windows\system32\HPSIsvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Motorola\Bluetooth\audiosrv.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\windows\system32\taskeng.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\igfxsrvc.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.centrum.cz/#utm_source=icq&utm_medium=generic
uSearch Bar = hxxp://search.qip.ru/ie
uSearch Page = hxxp://search.qip.ru
uDefault_Page_URL = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.bing.com
mDefault_Page_URL = hxxp://www.bing.com
uSearchAssistant = hxxp://search.qip.ru/ie
uURLSearchHooks: QIPBHO Class: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: QIPBHO Class: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
StartupFolder: C:\Users\Iveta\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{62A88E9A-1F72-42CD-97E6-5190BE782421} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{62A88E9A-1F72-42CD-97E6-5190BE782421}\2456A66716B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{62A88E9A-1F72-42CD-97E6-5190BE782421}\4505D2C494E4B4F5333413543434 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{62A88E9A-1F72-42CD-97E6-5190BE782421}\75C414E4F573937354 : DHCPNameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{62A88E9A-1F72-42CD-97E6-5190BE782421}\94E6374716E65647F54374F583634343 : DHCPNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = hxxp://www.bing.com
x64-mDefault_Page_URL = hxxp://www.bing.com
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Users\Iveta\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\windows\System32\drivers\epfwwfp.sys [2011-8-4 62496]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-1-22 52760]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\windows\System32\drivers\EpfwLWF.sys [2011-8-4 38288]
R2 AESTFilters;Andrea ST Filters Service;C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2010-12-20 89600]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-12-20 677128]
R2 eamonm;eamonm;C:\windows\System32\drivers\eamonm.sys [2011-8-9 202576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-9-8 974944]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-6-19 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-4-5 103992]
R2 hpHotkeyMonitor;HP Hotkey Monitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-3-1 264248]
R2 HPSIService;HP SI Service;C:\windows\System32\HPSIsvc.exe [2011-4-11 127800]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2011-5-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-12 13336]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-12-12 635416]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
R2 uArcCapture;ArcCapture;C:\Windows\system\uArcCapture.exe [2010-12-20 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2009-12-14 2019120]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2010-12-20 32640]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-12-20 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-12-20 1096968]
R3 BTMCOM;Bluetooth Serial Port;C:\windows\System32\drivers\btmcom.sys [2010-12-20 52736]
R3 BTMUSB;Motorola Bluetooth Radio Service;C:\windows\System32\drivers\btmusb.sys [2010-12-20 3232768]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-20 1028096]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-10 158720]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\drivers\netr28x.sys [2010-12-20 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed];C:\windows\System32\drivers\rtsuvc.sys [2010-12-20 89216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 mvusbews;USB EWS Device;C:\windows\System32\drivers\mvusbews.sys [2011-4-11 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-13 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-12-12 232480]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-12-12 325152]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-13 57856]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2011-2-11 1255736]
.
=============== File Associations ===============
.
ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-18 13:44:28 -------- d-----w- C:\Program Files\trend micro
2012-11-18 13:42:24 261600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-11-16 07:14:14 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF059580-9A8E-423B-BE07-036AD7273899}\mpengine.dll
2012-11-13 22:39:12 2560 ----a-w- C:\windows\System32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-13 22:39:11 9728 ----a-w- C:\windows\System32\Wdfres.dll
2012-11-13 22:39:11 785512 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2012-11-13 22:39:11 54376 ----a-w- C:\windows\System32\drivers\WdfLdr.sys
2012-11-13 22:30:19 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
2012-11-13 22:30:19 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
2012-11-13 22:30:18 84992 ----a-w- C:\windows\System32\WUDFSvc.dll
2012-11-13 22:30:18 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll
2012-11-13 22:30:17 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
2012-11-13 22:30:15 744448 ----a-w- C:\windows\System32\WUDFx.dll
2012-11-13 22:30:15 229888 ----a-w- C:\windows\System32\WUDFHost.exe
2012-11-13 22:29:29 55296 ----a-w- C:\windows\System32\dhcpcsvc6.dll
2012-11-13 22:29:29 44032 ----a-w- C:\windows\SysWow64\dhcpcsvc6.dll
2012-11-13 22:29:29 226816 ----a-w- C:\windows\System32\dhcpcore6.dll
2012-11-13 22:29:29 193536 ----a-w- C:\windows\SysWow64\dhcpcore6.dll
2012-11-13 22:29:25 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-11-13 21:56:51 3072 ----a-w- C:\windows\System32\drivers\en-US\tsusbflt.sys.mui
2012-11-13 21:55:46 514560 ----a-w- C:\windows\SysWow64\qdvd.dll
2012-11-13 21:55:46 366592 ----a-w- C:\windows\System32\qdvd.dll
2012-11-13 21:55:45 340992 ----a-w- C:\windows\System32\schannel.dll
2012-11-13 21:55:45 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2012-11-13 21:55:44 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2012-11-13 21:55:44 458712 ----a-w- C:\windows\System32\drivers\cng.sys
2012-11-13 21:55:44 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-11-13 21:55:44 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-11-13 21:55:44 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-11-13 21:55:44 154480 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2012-11-13 21:55:44 1448448 ----a-w- C:\windows\System32\lsasrv.dll
2012-10-19 18:15:49 -------- d-----w- C:\Program Files (x86)\ZAV1
.
==================== Find3M ====================
.
2012-10-09 10:00:11 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 10:00:11 696760 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-10-03 17:56:54 1914248 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\windows\System32\synceng.dll
2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07 220160 ----a-w- C:\windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-08-24 16:57:40 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2012-08-23 14:13:11 243200 ----a-w- C:\windows\System32\rdpudd.dll
2012-08-23 14:10:20 19456 ----a-w- C:\windows\System32\drivers\rdpvideominiport.sys
2012-08-23 14:07:35 57856 ----a-w- C:\windows\System32\drivers\TsUsbFlt.sys
2012-08-23 13:47:20 46592 ----a-w- C:\windows\SysWow64\MsRdpWebAccess.dll
2012-08-23 13:46:20 16896 ----a-w- C:\windows\SysWow64\wksprtPS.dll
2012-08-23 13:41:52 13312 ----a-w- C:\windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-08-23 13:40:56 13312 ----a-w- C:\windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-08-23 13:24:57 15360 ----a-w- C:\windows\System32\RdpGroupPolicyExtension.dll
2012-08-23 13:20:40 54272 ----a-w- C:\windows\System32\MsRdpWebAccess.dll
2012-08-23 13:18:14 37376 ----a-w- C:\windows\SysWow64\tsgqec.dll
2012-08-23 13:17:54 18432 ----a-w- C:\windows\System32\wksprtPS.dll
2012-08-23 13:06:58 43520 ----a-w- C:\windows\System32\TsUsbGDCoInstaller.dll
2012-08-23 12:52:53 44032 ----a-w- C:\windows\System32\tsgqec.dll
2012-08-23 11:20:06 62976 ----a-w- C:\windows\System32\TSWbPrxy.exe
2012-08-23 11:15:57 269312 ----a-w- C:\windows\SysWow64\aaclient.dll
2012-08-23 11:14:09 384000 ----a-w- C:\windows\System32\wksprt.exe
2012-08-23 11:12:17 192000 ----a-w- C:\windows\SysWow64\rdpendp_winip.dll
2012-08-23 10:54:24 322560 ----a-w- C:\windows\System32\aaclient.dll
2012-08-23 10:51:14 228864 ----a-w- C:\windows\System32\rdpendp_winip.dll
2012-08-23 10:39:24 1048064 ----a-w- C:\windows\SysWow64\mstsc.exe
2012-08-23 10:22:22 1123840 ----a-w- C:\windows\System32\mstsc.exe
2012-08-23 09:51:57 3174912 ----a-w- C:\windows\System32\rdpcorets.dll
2012-08-23 08:19:01 4916224 ----a-w- C:\windows\SysWow64\mstscax.dll
2012-08-23 08:13:07 5773824 ----a-w- C:\windows\System32\mstscax.dll
2012-08-22 18:12:40 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 14:51:25,62 ===============

[Rudy]

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

[mavako]

# AdwCleaner v2.008 - Logfile created 11/18/2012 at 19:25:50
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Iveta - IVETA-HP
# Boot Mode : Normal
# Running from : C:\Users\Iveta\Desktop\Nová složka (2)\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin.xml
File Found : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\qip-search.xml
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\ProgramData\ICQ\ICQToolbar

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKU\S-1-5-21-930483831-902529386-340292010-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-930483831-902529386-340292010-1002\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\prefs.js

Found : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.36] : icon_url = "hxxp://c.icq.com/favicon.ico",
Found [l.42] : search_url = "hxxp://search.icq.com/search/results.php?ch_id=osd&q={searchTerms}&icid=chrome",

*************************

AdwCleaner[R1].txt - [4252 octets] - [18/11/2012 19:25:50]

########## EOF - C:\AdwCleaner[R1].txt - [4312 octets] ##########

[Rudy]

Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

[mavako]

# AdwCleaner v2.008 - Logfile created 11/18/2012 at 19:47:33
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Iveta - IVETA-HP
# Boot Mode : Normal
# Running from : C:\Users\Iveta\Desktop\Nová složka (2)\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\qip-search.xml
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\prefs.js

Deleted : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.36] : icon_url = "hxxp://c.icq.com/favicon.ico",
Deleted [l.42] : search_url = "hxxp://search.icq.com/search/results.php?ch_id=osd&q={searchTerms}&icid=chrome"[...]

*************************

AdwCleaner[R1].txt - [4373 octets] - [18/11/2012 19:25:50]
AdwCleaner[S1].txt - [4294 octets] - [18/11/2012 19:47:33]

########## EOF - C:\AdwCleaner[S1].txt - [4354 octets] ##########

[Rudy]

Dejte nový log RSIT.

[mavako]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Iveta at 2012-11-18 20:16:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (8%) free of 288 GB
Total RAM: 2927 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:16:50, on 18.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files\trend micro\Iveta.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12347 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
winlogon.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\System32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
taskeng.exe {6DDD9704-3C58-4468-852C-00D31CB5307F}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
C:\windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2320
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\SysWOW64\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Iveta\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-930483831-902529386-340292010-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-930483831-902529386-340292010-1002UA.job
C:\windows\tasks\HPCeeScheduleForIveta.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-24 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-24 391192]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-24 410648]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-17 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-08 4030008]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]

C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-18 19:47:33 ----A---- C:\AdwCleaner[S1].txt
2012-11-18 19:25:50 ----A---- C:\AdwCleaner[R1].txt
2012-11-18 14:44:28 ----D---- C:\rsit
2012-11-18 14:44:28 ----D---- C:\Program Files\trend micro
2012-11-13 23:39:11 ----A---- C:\windows\system32\Wdfres.dll
2012-11-13 23:39:11 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-13 23:39:11 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-13 23:30:19 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-13 23:30:19 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-13 23:30:18 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-13 23:30:18 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-13 23:30:17 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-13 23:30:15 ----A---- C:\windows\system32\WUDFx.dll
2012-11-13 23:30:15 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-13 23:29:29 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-13 23:29:29 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-13 23:29:29 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-13 23:29:29 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-13 23:29:25 ----A---- C:\windows\system32\win32k.sys
2012-11-13 23:28:55 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-13 23:28:55 ----A---- C:\windows\system32\synceng.dll
2012-11-13 23:28:51 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-13 23:28:51 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\nlasvc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\netcorehc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\ncsi.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-13 23:28:50 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-13 23:28:50 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\nlaapi.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\netevent.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\wextract.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\webcheck.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msrating.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msls31.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\inseng.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iexpress.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iesetup.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iernonce.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iepeers.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieakeng.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ie4uinit.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\icardie.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\occache.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshta.exe
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\imgutil.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieakui.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieaksie.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\admparse.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\wininet.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\urlmon.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\pngfilt.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\occache.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\msrating.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\msls31.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshtmler.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshtml.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshta.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\msfeedssync.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\msfeedsbs.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jsproxy.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jscript9.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jscript.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\imgutil.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieui.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iesysprep.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iertutil.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iepeers.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieakui.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieaksie.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieakeng.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\IEAdvpack.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\admparse.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\iesetup.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\iernonce.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieframe.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieapfltr.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieapfltr.dat
2012-11-13 22:58:52 ----A---- C:\windows\system32\ie4uinit.exe
2012-11-13 22:58:52 ----A---- C:\windows\system32\icardie.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\dxtrans.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\dxtmsft.dll
2012-11-13 22:58:50 ----A---- C:\windows\system32\url.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\wextract.exe
2012-11-13 22:58:49 ----A---- C:\windows\system32\webcheck.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\vbscript.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\mshtmled.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\msfeeds.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\licmgr10.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\inseng.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\iexpress.exe
2012-11-13 22:58:49 ----A---- C:\windows\system32\iedkcs32.dll
2012-11-13 22:56:50 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-13 22:56:50 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-13 22:56:50 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-13 22:56:49 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2012-11-13 22:56:49 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\aaclient.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\wksprtPS.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\TSWbPrxy.exe
2012-11-13 22:56:47 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\tsgqec.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\rdpudd.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\rdpendp_winip.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\aaclient.dll
2012-11-13 22:56:46 ----A---- C:\windows\SYSWOW64\mstsc.exe
2012-11-13 22:56:46 ----A---- C:\windows\system32\wksprt.exe
2012-11-13 22:56:46 ----A---- C:\windows\system32\rdpcorets.dll
2012-11-13 22:56:46 ----A---- C:\windows\system32\mstsc.exe
2012-11-13 22:56:45 ----A---- C:\windows\SYSWOW64\mstscax.dll
2012-11-13 22:56:44 ----A---- C:\windows\system32\mstscax.dll
2012-11-13 22:55:46 ----A---- C:\windows\SYSWOW64\qdvd.dll
2012-11-13 22:55:46 ----A---- C:\windows\system32\qdvd.dll
2012-11-13 22:55:45 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-11-13 22:55:45 ----A---- C:\windows\system32\schannel.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\ncrypt.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\lsasrv.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-11-13 22:55:44 ----A---- C:\windows\system32\drivers\cng.sys
2012-10-29 10:52:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-19 19:15:49 ----D---- C:\Program Files (x86)\ZAV1

======List of files/folders modified in the last 1 month======

2012-11-18 20:16:22 ----D---- C:\windows\Prefetch
2012-11-18 20:16:22 ----D---- C:\Users\Iveta\AppData\Roaming\Dropbox
2012-11-18 20:16:16 ----D---- C:\windows\Temp
2012-11-18 20:15:50 ----D---- C:\windows\system32\config
2012-11-18 20:15:39 ----A---- C:\windows\SYSWOW64\log.txt
2012-11-18 19:47:34 ----RD---- C:\Program Files (x86)
2012-11-18 19:46:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-18 14:44:28 ----RD---- C:\Program Files
2012-11-18 13:02:14 ----D---- C:\windows\System32
2012-11-18 13:02:14 ----D---- C:\windows\inf
2012-11-18 13:02:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-11-18 12:39:52 ----SHD---- C:\System Volume Information
2012-11-18 10:25:50 ----D---- C:\windows\system32\catroot2
2012-11-17 20:41:37 ----D---- C:\Users\Iveta\AppData\Roaming\Skype
2012-11-14 15:02:38 ----D---- C:\windows\rescache
2012-11-14 14:44:34 ----RSD---- C:\windows\assembly
2012-11-14 14:44:34 ----D---- C:\windows\Microsoft.NET
2012-11-14 00:05:30 ----D---- C:\windows\winsxs
2012-11-14 00:03:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2012-11-14 00:03:08 ----D---- C:\windows\SysWOW64
2012-11-14 00:03:08 ----D---- C:\windows\system32\drivers\cs-CZ
2012-11-14 00:03:08 ----D---- C:\windows\system32\cs-CZ
2012-11-14 00:03:07 ----D---- C:\windows\SYSWOW64\migration
2012-11-14 00:03:07 ----D---- C:\windows\system32\wbem
2012-11-14 00:03:07 ----D---- C:\windows\system32\migration
2012-11-14 00:03:07 ----D---- C:\windows\system32\drivers
2012-11-14 00:03:06 ----RSD---- C:\windows\Fonts
2012-11-13 23:43:19 ----SHD---- C:\windows\Installer
2012-11-13 23:39:22 ----D---- C:\windows\system32\catroot
2012-11-13 23:31:08 ----D---- C:\windows\debug
2012-11-13 23:31:04 ----A---- C:\windows\system32\MRT.exe
2012-11-13 23:14:11 ----D---- C:\Windows
2012-11-13 23:11:52 ----D---- C:\Program Files\Internet Explorer
2012-11-13 23:11:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-13 23:11:50 ----D---- C:\windows\SYSWOW64\en-US
2012-11-13 23:11:50 ----D---- C:\windows\system32\en-US
2012-11-13 23:11:50 ----D---- C:\windows\PolicyDefinitions
2012-11-13 23:11:49 ----D---- C:\windows\SYSWOW64\wbem
2012-11-13 23:11:48 ----D---- C:\windows\system32\drivers\en-US
2012-11-13 23:11:47 ----D---- C:\windows\system32\DriverStore
2012-11-13 23:00:05 ----D---- C:\windows\Logs
2012-11-13 19:25:14 ----D---- C:\windows\system32\NDF
2012-11-13 07:35:15 ----D---- C:\ProgramData\PDFC
2012-11-02 10:23:15 ----D---- C:\ProgramData\Skype
2012-10-28 14:44:43 ----D---- C:\Program Files\Hewlett-Packard
2012-10-28 14:44:34 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-10-28 14:44:32 ----D---- C:\windows\SYSWOW64\cs
2012-10-28 14:44:32 ----D---- C:\windows\system32\cs
2012-10-28 14:43:05 ----D---- C:\windows\SYSWOW64\drivers
2012-10-28 14:39:05 ----D---- C:\ProgramData\HPQLOG
2012-10-28 14:36:40 ----D---- C:\windows\SYSWOW64\pt-BR
2012-10-28 14:36:40 ----D---- C:\windows\system32\pt-BR
2012-10-28 14:25:58 ----D---- C:\windows\Minidump
2012-10-28 14:19:01 ----D---- C:\ProgramData\McAfee
2012-10-28 14:19:01 ----D---- C:\Program Files (x86)\Common Files
2012-10-28 14:16:56 ----HD---- C:\ProgramData
2012-10-28 14:16:02 ----D---- C:\ProgramData\Hewlett-Packard
2012-10-28 14:14:14 ----D---- C:\windows\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2006-10-18 52760]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-02-09 834544]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-03-17 1594368]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 mvusbews;USB EWS Device; C:\windows\System32\Drivers\mvusbews.sys [2010-04-28 20480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-29 127800]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-20 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-20 647680]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-29 115168]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-02-11 1255736]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Skype\Toolbars
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-930483831-902529386-340292010-1002Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-930483831-902529386-340292010-1002UA.job

:services
Skype C2C Service

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

[mavako]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Iveta at 2012-11-19 18:18:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 24 GB (8%) free of 288 GB
Total RAM: 2927 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:18:53, on 19.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files\trend micro\Iveta.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11870 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
winlogon.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
taskeng.exe {A8880157-7EF3-463F-9A57-6EC12AA48D99}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
C:\windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\windows\Explorer.EXE
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2572
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Iveta\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\HPCeeScheduleForIveta.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Users\Iveta\AppData\Roaming\Mozilla\Firefox\Profiles\e8kpc159.default\searchplugins\
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-24 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-24 391192]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-24 410648]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-17 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-08 4030008]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]

C:\Users\Iveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Iveta\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-19 18:14:00 ----D---- C:\_OTM
2012-11-18 19:47:33 ----A---- C:\AdwCleaner[S1].txt
2012-11-18 19:25:50 ----A---- C:\AdwCleaner[R1].txt
2012-11-18 14:44:28 ----D---- C:\rsit
2012-11-18 14:44:28 ----D---- C:\Program Files\trend micro
2012-11-13 23:39:11 ----A---- C:\windows\system32\Wdfres.dll
2012-11-13 23:39:11 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-13 23:39:11 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-13 23:30:19 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-13 23:30:19 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-13 23:30:18 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-13 23:30:18 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-13 23:30:17 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-13 23:30:15 ----A---- C:\windows\system32\WUDFx.dll
2012-11-13 23:30:15 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-13 23:29:29 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-13 23:29:29 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-13 23:29:29 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-13 23:29:29 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-13 23:29:25 ----A---- C:\windows\system32\win32k.sys
2012-11-13 23:28:55 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-13 23:28:55 ----A---- C:\windows\system32\synceng.dll
2012-11-13 23:28:51 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-13 23:28:51 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\nlasvc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\netcorehc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\ncsi.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-13 23:28:51 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-13 23:28:50 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-13 23:28:50 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\nlaapi.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\netevent.dll
2012-11-13 23:28:50 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\wextract.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\webcheck.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msrating.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msls31.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\inseng.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iexpress.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iesetup.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iernonce.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iepeers.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ieakeng.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\ie4uinit.exe
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\icardie.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2012-11-13 22:58:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\occache.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\mshta.exe
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\imgutil.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieakui.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\ieaksie.dll
2012-11-13 22:58:54 ----A---- C:\windows\SYSWOW64\admparse.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\wininet.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\urlmon.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\pngfilt.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\occache.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\msrating.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\msls31.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshtmler.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshtml.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\mshta.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\msfeedssync.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\msfeedsbs.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jsproxy.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jscript9.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\jscript.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\imgutil.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieui.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iesysprep.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iertutil.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\iepeers.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieakui.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieaksie.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\ieakeng.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\IEAdvpack.dll
2012-11-13 22:58:53 ----A---- C:\windows\system32\admparse.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\iesetup.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\iernonce.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieframe.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieapfltr.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\ieapfltr.dat
2012-11-13 22:58:52 ----A---- C:\windows\system32\ie4uinit.exe
2012-11-13 22:58:52 ----A---- C:\windows\system32\icardie.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\dxtrans.dll
2012-11-13 22:58:52 ----A---- C:\windows\system32\dxtmsft.dll
2012-11-13 22:58:50 ----A---- C:\windows\system32\url.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\wextract.exe
2012-11-13 22:58:49 ----A---- C:\windows\system32\webcheck.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\vbscript.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\mshtmled.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\msfeeds.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\licmgr10.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\inseng.dll
2012-11-13 22:58:49 ----A---- C:\windows\system32\iexpress.exe
2012-11-13 22:58:49 ----A---- C:\windows\system32\iedkcs32.dll
2012-11-13 22:56:50 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-13 22:56:50 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-13 22:56:50 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-13 22:56:49 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2012-11-13 22:56:49 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-13 22:56:47 ----A---- C:\windows\SYSWOW64\aaclient.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\wksprtPS.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\TSWbPrxy.exe
2012-11-13 22:56:47 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\tsgqec.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\rdpudd.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\rdpendp_winip.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2012-11-13 22:56:47 ----A---- C:\windows\system32\aaclient.dll
2012-11-13 22:56:46 ----A---- C:\windows\SYSWOW64\mstsc.exe
2012-11-13 22:56:46 ----A---- C:\windows\system32\wksprt.exe
2012-11-13 22:56:46 ----A---- C:\windows\system32\rdpcorets.dll
2012-11-13 22:56:46 ----A---- C:\windows\system32\mstsc.exe
2012-11-13 22:56:45 ----A---- C:\windows\SYSWOW64\mstscax.dll
2012-11-13 22:56:44 ----A---- C:\windows\system32\mstscax.dll
2012-11-13 22:55:46 ----A---- C:\windows\SYSWOW64\qdvd.dll
2012-11-13 22:55:46 ----A---- C:\windows\system32\qdvd.dll
2012-11-13 22:55:45 ----A---- C:\windows\SYSWOW64\schannel.dll
2012-11-13 22:55:45 ----A---- C:\windows\system32\schannel.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\sspicli.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\secur32.dll
2012-11-13 22:55:44 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\ncrypt.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\lsasrv.dll
2012-11-13 22:55:44 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-11-13 22:55:44 ----A---- C:\windows\system32\drivers\cng.sys
2012-10-29 10:52:22 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2012-11-19 18:18:54 ----D---- C:\windows\Prefetch
2012-11-19 18:18:29 ----D---- C:\Users\Iveta\AppData\Roaming\Dropbox
2012-11-19 18:16:42 ----D---- C:\windows\Temp
2012-11-19 18:16:38 ----D---- C:\windows\system32\config
2012-11-19 18:16:27 ----A---- C:\windows\SYSWOW64\log.txt
2012-11-19 18:14:00 ----RD---- C:\Program Files (x86)\Skype
2012-11-19 18:14:00 ----D---- C:\windows\Tasks
2012-11-19 17:30:36 ----D---- C:\Users\Iveta\AppData\Roaming\Skype
2012-11-19 10:00:47 ----D---- C:\windows\System32
2012-11-19 10:00:47 ----D---- C:\windows\inf
2012-11-19 10:00:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-11-18 19:47:34 ----RD---- C:\Program Files (x86)
2012-11-18 19:47:34 ----D---- C:\ProgramData\ICQ
2012-11-18 19:46:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-18 14:44:28 ----RD---- C:\Program Files
2012-11-18 12:39:52 ----SHD---- C:\System Volume Information
2012-11-18 10:25:50 ----D---- C:\windows\system32\catroot2
2012-11-14 15:02:38 ----D---- C:\windows\rescache
2012-11-14 14:44:34 ----RSD---- C:\windows\assembly
2012-11-14 14:44:34 ----D---- C:\windows\Microsoft.NET
2012-11-14 00:05:30 ----D---- C:\windows\winsxs
2012-11-14 00:03:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2012-11-14 00:03:08 ----D---- C:\windows\SysWOW64
2012-11-14 00:03:08 ----D---- C:\windows\system32\drivers\cs-CZ
2012-11-14 00:03:08 ----D---- C:\windows\system32\cs-CZ
2012-11-14 00:03:07 ----D---- C:\windows\SYSWOW64\migration
2012-11-14 00:03:07 ----D---- C:\windows\system32\wbem
2012-11-14 00:03:07 ----D---- C:\windows\system32\migration
2012-11-14 00:03:07 ----D---- C:\windows\system32\drivers
2012-11-14 00:03:06 ----RSD---- C:\windows\Fonts
2012-11-13 23:43:19 ----SHD---- C:\windows\Installer
2012-11-13 23:39:22 ----D---- C:\windows\system32\catroot
2012-11-13 23:31:08 ----D---- C:\windows\debug
2012-11-13 23:31:04 ----A---- C:\windows\system32\MRT.exe
2012-11-13 23:14:11 ----D---- C:\Windows
2012-11-13 23:11:52 ----D---- C:\Program Files\Internet Explorer
2012-11-13 23:11:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-13 23:11:50 ----D---- C:\windows\SYSWOW64\en-US
2012-11-13 23:11:50 ----D---- C:\windows\system32\en-US
2012-11-13 23:11:50 ----D---- C:\windows\PolicyDefinitions
2012-11-13 23:11:49 ----D---- C:\windows\SYSWOW64\wbem
2012-11-13 23:11:48 ----D---- C:\windows\system32\drivers\en-US
2012-11-13 23:11:47 ----D---- C:\windows\system32\DriverStore
2012-11-13 23:00:05 ----D---- C:\windows\Logs
2012-11-13 19:25:14 ----D---- C:\windows\system32\NDF
2012-11-13 07:35:15 ----D---- C:\ProgramData\PDFC
2012-11-02 10:23:15 ----D---- C:\ProgramData\Skype
2012-10-28 14:44:43 ----D---- C:\Program Files\Hewlett-Packard
2012-10-28 14:44:34 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-10-28 14:44:32 ----D---- C:\windows\SYSWOW64\cs
2012-10-28 14:44:32 ----D---- C:\windows\system32\cs
2012-10-28 14:43:05 ----D---- C:\windows\SYSWOW64\drivers
2012-10-28 14:39:05 ----D---- C:\ProgramData\HPQLOG
2012-10-28 14:36:40 ----D---- C:\windows\SYSWOW64\pt-BR
2012-10-28 14:36:40 ----D---- C:\windows\system32\pt-BR
2012-10-28 14:25:58 ----D---- C:\windows\Minidump
2012-10-28 14:19:01 ----D---- C:\ProgramData\McAfee
2012-10-28 14:19:01 ----D---- C:\Program Files (x86)\Common Files
2012-10-28 14:16:56 ----HD---- C:\ProgramData
2012-10-28 14:16:02 ----D---- C:\ProgramData\Hewlett-Packard
2012-10-28 14:14:14 ----D---- C:\windows\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2006-10-18 52760]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-02-09 834544]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-03-17 1594368]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 mvusbews;USB EWS Device; C:\windows\System32\Drivers\mvusbews.sys [2010-04-28 20480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-08 974944]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2010-04-29 127800]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-20 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-20 647680]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-29 115168]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-02-11 1255736]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Iveta.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.