V google chromu jsem zaznamenal reklamní okno, které se mi ukazuje jen při přímém připojení k internetu (= není tam, když jsem ve firmě).
Ukázka: http://imageshack.us/photo/my-images/843/chromeq.jpg/
Prosím o kontrolu a případně radu.
Děkuji
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pospisil at 2013-03-23 18:50:15
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:59, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\TC UP\TC UP.exe
C:\Program Files (x86)\TC UP\TOTALCMD.EXE
C:\Program Files (x86)\TC UP\tcmatch.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Pospisil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/anyvideo2dvd/ ... C78C459AFC}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Any Video To DVD Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 95.211.0.119 www.google-analytics.com.
O1 - Hosts: 95.211.0.119 ad-emea.doubleclick.net.
O1 - Hosts: 95.211.0.119 www.statcounter.com.
O1 - Hosts: 93.115.241.27 www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-869890024-1638057701-321323812-1008\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'tv')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.pectest.cdcargo.cz
O15 - Trusted Zone: http://*.jv.cd.cz
O15 - Trusted Zone: http://*.mk.cd.cz
O15 - Trusted Zone: *.seznam.cz
O15 - Trusted Zone: http://webmail.szdc.cz
O15 - Trusted Zone: http://login.szn.cz
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17898 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=beaed513-9724-4c7b-8e6a-5e76cb4c4635 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\5149782d-0735-483f-b1e7-a5444156c540-1e4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=a7fbfe0f-3854-432c-a057-fa66e8c40d3c /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\4a300305-64c3-427f-87bc-1d1b4d809226-ca8-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"taskhost.exe"
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {F07A94FD-298A-41DF-8EC4-653FE974FC1E}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose
"C:\Program Files (x86)\TC UP\TC UP.exe"
"C:\Program Files (x86)\TC UP\TOTALCMD.EXE" /i="C:\Program Files (x86)\TC UP\wincmd.ini"
"C:\ProgramData\FileOpen\Services\FileOpenBroker64.exe"
"C:\Program Files (x86)\TC UP\tcmatch.exe" gui
"taskhost.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3684 CREDAT:203009
"C:\Windows\system32\taskmgr.exe" /4
"C:\Users\Pospisil\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3684 CREDAT:203010
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7936.0.825656213\256878514" --supports-dual-gpus=false --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/8/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_13/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="7936.1.967604878\1019392474" /prefetch:3
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3684 CREDAT:137488
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7936.2.966208960\347942195" --lang=cs --ignored=" --type=renderer " /prefetch:13
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-23 18:50:15 ----D---- C:\rsit
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-06 18:35:14 ----A---- C:\gui730_3-10010496.exe
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-23 19:00:00 ----D---- C:\Windows\Temp
2013-03-23 18:59:59 ----D---- C:\Program Files\trend micro
2013-03-23 18:58:18 ----D---- C:\Windows\tracing
2013-03-23 18:50:52 ----D---- C:\Windows\Prefetch
2013-03-23 18:02:31 ----D---- C:\ProgramData\MFAData
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 14:51:17 ----D---- C:\Windows\system32\config
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:37:18 ----D---- C:\Windows\inf
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 19:58:38 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-22 18:59:51 ----D---- C:\Windows\System32
2013-03-22 18:59:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 13:06:56 ----D---- C:\Windows
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-05 12:40:27 ----D---- C:\Windows\system32\drivers\etc
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
2013-02-24 20:52:01 ----D---- C:\A
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zaneřáděný ntb...
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119525
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaneřáděný ntb...
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dreamteam2cz
- Návštěvník
- Příspěvky: 53
- Registrován: 06 úno 2011 21:14
Re: Zaneřáděný ntb...
Již mi to dělá i IE...
# AdwCleaner v2.115 - Log vytvooen 23/03/2013 v 19:55:36
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Pospisil - SZDC000PHA07993
# Spuštin systém : Normální
# Spuštino z : C:\Users\Pospisil\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Users\Pospisil\AppData\LocalLow\Toolbar4
Složka Nalezeno : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Nalezeno : C:\Users\tv\AppData\LocalLow\Toolbar4
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Nalezeno : HKCU\Software\Somoto
Klíe Nalezeno : HKCU\Software\Somoto Toolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\4265477261706869630A
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1008\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... src=newtab
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... C78C459AFC}
-\\ Mozilla Firefox v17.0.1 (en-US)
Soubor : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Mozilla\Firefox\Profiles\8goe48q1.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v25.0.1364.172
Soubor : C:\Users\Pospisil\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.13.1734.0
Soubor : C:\Users\Pospisil\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10996 octets] - [23/03/2013 19:55:36]
########## EOF - C:\AdwCleaner[R1].txt - [11057 octets] ##########
# AdwCleaner v2.115 - Log vytvooen 23/03/2013 v 19:55:36
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Pospisil - SZDC000PHA07993
# Spuštin systém : Normální
# Spuštino z : C:\Users\Pospisil\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Users\Pospisil\AppData\LocalLow\Toolbar4
Složka Nalezeno : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Nalezeno : C:\Users\tv\AppData\LocalLow\Toolbar4
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Nalezeno : HKCU\Software\Somoto
Klíe Nalezeno : HKCU\Software\Somoto Toolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\4265477261706869630A
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-869890024-1638057701-321323812-1008\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... src=newtab
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... C78C459AFC}
-\\ Mozilla Firefox v17.0.1 (en-US)
Soubor : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Mozilla\Firefox\Profiles\8goe48q1.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v25.0.1364.172
Soubor : C:\Users\Pospisil\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.13.1734.0
Soubor : C:\Users\Pospisil\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [10996 octets] - [23/03/2013 19:55:36]
########## EOF - C:\AdwCleaner[R1].txt - [11057 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119525
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaneřáděný ntb...
Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dreamteam2cz
- Návštěvník
- Příspěvky: 53
- Registrován: 06 úno 2011 21:14
Re: Zaneřáděný ntb...
V průběhu se ozvalo AVG - povolil jsem činnost.
# AdwCleaner v2.115 - Log vytvooen 23/03/2013 v 20:16:15
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Pospisil - SZDC000PHA07993
# Spuštin systém : Normální
# Spuštino z : C:\Users\Pospisil\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Users\Pospisil\AppData\LocalLow\Toolbar4
Složka Vymazáno : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Vymazáno : C:\Users\tv\AppData\LocalLow\Toolbar4
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Vymazáno : HKCU\Software\Somoto
Klíe Vymazáno : HKCU\Software\Somoto Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\4265477261706869630A
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKU\S-1-5-21-869890024-1638057701-321323812-1008\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... src=newtab --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... C78C459AFC} --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0.1 (en-US)
Soubor : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\prefs.js
C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\user.js ... Vymazáno !
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Mozilla\Firefox\Profiles\8goe48q1.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v25.0.1364.172
Soubor : C:\Users\Pospisil\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.13.1734.0
Soubor : C:\Users\Pospisil\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [11079 octets] - [23/03/2013 19:55:36]
AdwCleaner[S1].txt - [336 octets] - [23/03/2013 20:04:10]
AdwCleaner[S2].txt - [10670 octets] - [23/03/2013 20:16:15]
########## EOF - C:\AdwCleaner[S2].txt - [10731 octets] ##########
# AdwCleaner v2.115 - Log vytvooen 23/03/2013 v 20:16:15
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Pospisil - SZDC000PHA07993
# Spuštin systém : Normální
# Spuštino z : C:\Users\Pospisil\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Users\Pospisil\AppData\LocalLow\Toolbar4
Složka Vymazáno : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Vymazáno : C:\Users\tv\AppData\LocalLow\Toolbar4
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Vymazáno : HKCU\Software\Somoto
Klíe Vymazáno : HKCU\Software\Somoto Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\4265477261706869630A
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKU\S-1-5-21-869890024-1638057701-321323812-1008\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... src=newtab --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/anyvideo2dvd/{0CBF31 ... C78C459AFC} --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0.1 (en-US)
Soubor : C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\prefs.js
C:\Users\Pospisil\AppData\Roaming\Mozilla\Firefox\Profiles\zhm4dh66.default\user.js ... Vymazáno !
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Mozilla\Firefox\Profiles\8goe48q1.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v25.0.1364.172
Soubor : C:\Users\Pospisil\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
-\\ Opera v12.13.1734.0
Soubor : C:\Users\Pospisil\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
Soubor : C:\Users\tv\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [11079 octets] - [23/03/2013 19:55:36]
AdwCleaner[S1].txt - [336 octets] - [23/03/2013 20:04:10]
AdwCleaner[S2].txt - [10670 octets] - [23/03/2013 20:16:15]
########## EOF - C:\AdwCleaner[S2].txt - [10731 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119525
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaneřáděný ntb...
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dreamteam2cz
- Návštěvník
- Příspěvky: 53
- Registrován: 06 úno 2011 21:14
Re: Zaneřáděný ntb...
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pospisil at 2013-03-23 21:36:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:55, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\trend micro\Pospisil.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2.szdc.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cd.cz;*.szdc.cz;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 95.211.0.119 www.google-analytics.com.
O1 - Hosts: 95.211.0.119 ad-emea.doubleclick.net.
O1 - Hosts: 95.211.0.119 www.statcounter.com.
O1 - Hosts: 93.115.241.27 www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.pectest.cdcargo.cz
O15 - Trusted Zone: http://*.jv.cd.cz
O15 - Trusted Zone: http://*.mk.cd.cz
O15 - Trusted Zone: *.seznam.cz
O15 - Trusted Zone: http://webmail.szdc.cz
O15 - Trusted Zone: http://login.szn.cz
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17073 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=f4aabd0b-6ac4-4460-9160-a3151120404f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f457890d-6b46-4e43-b062-cd67bfa09d27-1e4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=cacd397b-fbec-4a67-bbfa-465c408c3307 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\b1aa8671-3456-463f-affe-c115d069972c-da0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {6128CD84-D23D-4C00-9047-3B5B9BA62EEE}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose
"C:\Users\Pospisil\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-23 20:16:15 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 20:04:10 ----A---- C:\AdwCleaner[S1].txt
2013-03-23 19:55:36 ----A---- C:\AdwCleaner[R1].txt
2013-03-23 18:50:15 ----D---- C:\rsit
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-06 18:35:14 ----A---- C:\gui730_3-10010496.exe
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-23 21:36:31 ----D---- C:\Windows\Temp
2013-03-23 21:36:30 ----D---- C:\Program Files\trend micro
2013-03-23 21:35:56 ----D---- C:\ProgramData\MFAData
2013-03-23 21:29:59 ----D---- C:\Windows\tracing
2013-03-23 21:29:24 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-23 20:38:42 ----D---- C:\Windows\system32\config
2013-03-23 20:31:36 ----D---- C:\Windows\System32
2013-03-23 20:31:36 ----D---- C:\Windows\inf
2013-03-23 20:31:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-23 20:26:27 ----D---- C:\Windows\Prefetch
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 13:06:56 ----D---- C:\Windows
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-05 12:40:27 ----D---- C:\Windows\system32\drivers\etc
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
2013-02-24 20:52:01 ----D---- C:\A
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Run by Pospisil at 2013-03-23 21:36:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:55, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\trend micro\Pospisil.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2.szdc.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cd.cz;*.szdc.cz;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 95.211.0.119 www.google-analytics.com.
O1 - Hosts: 95.211.0.119 ad-emea.doubleclick.net.
O1 - Hosts: 95.211.0.119 www.statcounter.com.
O1 - Hosts: 93.115.241.27 www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.pectest.cdcargo.cz
O15 - Trusted Zone: http://*.jv.cd.cz
O15 - Trusted Zone: http://*.mk.cd.cz
O15 - Trusted Zone: *.seznam.cz
O15 - Trusted Zone: http://webmail.szdc.cz
O15 - Trusted Zone: http://login.szn.cz
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17073 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=f4aabd0b-6ac4-4460-9160-a3151120404f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f457890d-6b46-4e43-b062-cd67bfa09d27-1e4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=cacd397b-fbec-4a67-bbfa-465c408c3307 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\b1aa8671-3456-463f-affe-c115d069972c-da0-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {6128CD84-D23D-4C00-9047-3B5B9BA62EEE}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose
"C:\Users\Pospisil\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-23 20:16:15 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 20:04:10 ----A---- C:\AdwCleaner[S1].txt
2013-03-23 19:55:36 ----A---- C:\AdwCleaner[R1].txt
2013-03-23 18:50:15 ----D---- C:\rsit
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-06 18:35:14 ----A---- C:\gui730_3-10010496.exe
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-23 21:36:31 ----D---- C:\Windows\Temp
2013-03-23 21:36:30 ----D---- C:\Program Files\trend micro
2013-03-23 21:35:56 ----D---- C:\ProgramData\MFAData
2013-03-23 21:29:59 ----D---- C:\Windows\tracing
2013-03-23 21:29:24 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-23 20:38:42 ----D---- C:\Windows\system32\config
2013-03-23 20:31:36 ----D---- C:\Windows\System32
2013-03-23 20:31:36 ----D---- C:\Windows\inf
2013-03-23 20:31:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-23 20:26:27 ----D---- C:\Windows\Prefetch
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 13:06:56 ----D---- C:\Windows
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-05 12:40:27 ----D---- C:\Windows\system32\drivers\etc
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
2013-02-24 20:52:01 ----D---- C:\A
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119525
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaneřáděný ntb...
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\gui730_3-10010496.exe
:services
Skype C2C Service
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dreamteam2cz
- Návštěvník
- Příspěvky: 53
- Registrován: 06 úno 2011 21:14
Re: Zaneřáděný ntb...
Tu je:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pospisil at 2013-03-24 08:31:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:31:30, on 24.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Pospisil.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2.szdc.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cd.cz;*.szdc.cz;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.pectest.cdcargo.cz
O15 - Trusted Zone: http://*.jv.cd.cz
O15 - Trusted Zone: http://*.mk.cd.cz
O15 - Trusted Zone: *.seznam.cz
O15 - Trusted Zone: http://webmail.szdc.cz
O15 - Trusted Zone: http://login.szn.cz
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16605 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=3ab9bb38-c3e3-4126-96a7-214f32e78e57 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\bb03b62b-8c92-4c6f-854a-e0754773e75a-1e8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=78f1947f-0187-4e38-9b3b-ab6c10ad2e0e /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\06dbbb70-1abd-4f39-a2bf-b04dda6a2a78-4f4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"taskhost.exe"
taskeng.exe {9F167B39-2CC8-4C4D-B585-C5420B0F3968}
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-869890024-1638057701-321323812-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-869890024-1638057701-321323812-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Pospisil\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-24 08:19:45 ----D---- C:\_OTM
2013-03-23 22:12:33 ----A---- C:\AdwCleaner[S3].txt
2013-03-23 20:16:15 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 20:04:10 ----A---- C:\AdwCleaner[S1].txt
2013-03-23 19:55:36 ----A---- C:\AdwCleaner[R1].txt
2013-03-23 18:50:15 ----D---- C:\rsit
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-24 08:31:26 ----D---- C:\Windows\Temp
2013-03-24 08:31:25 ----D---- C:\Program Files\trend micro
2013-03-24 08:30:58 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-24 08:29:23 ----D---- C:\ProgramData\MFAData
2013-03-24 08:27:11 ----D---- C:\Windows\system32\config
2013-03-24 08:24:00 ----D---- C:\Windows\tracing
2013-03-24 08:20:24 ----D---- C:\Windows\system32\drivers\etc
2013-03-24 08:20:17 ----D---- C:\Windows
2013-03-24 08:19:46 ----RD---- C:\Program Files (x86)\Skype
2013-03-24 08:19:46 ----D---- C:\Windows\Tasks
2013-03-23 20:31:36 ----D---- C:\Windows\System32
2013-03-23 20:31:36 ----D---- C:\Windows\inf
2013-03-23 20:31:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-23 20:26:27 ----D---- C:\Windows\Prefetch
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pospisil at 2013-03-24 08:31:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:31:30, on 24.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Pospisil.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2.szdc.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cd.cz;*.szdc.cz;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.pectest.cdcargo.cz
O15 - Trusted Zone: http://*.jv.cd.cz
O15 - Trusted Zone: http://*.mk.cd.cz
O15 - Trusted Zone: *.seznam.cz
O15 - Trusted Zone: http://webmail.szdc.cz
O15 - Trusted Zone: http://login.szn.cz
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16605 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=3ab9bb38-c3e3-4126-96a7-214f32e78e57 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\bb03b62b-8c92-4c6f-854a-e0754773e75a-1e8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=78f1947f-0187-4e38-9b3b-ab6c10ad2e0e /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\06dbbb70-1abd-4f39-a2bf-b04dda6a2a78-4f4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"taskhost.exe"
taskeng.exe {9F167B39-2CC8-4C4D-B585-C5420B0F3968}
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-869890024-1638057701-321323812-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-869890024-1638057701-321323812-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\Pospisil\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-24 08:19:45 ----D---- C:\_OTM
2013-03-23 22:12:33 ----A---- C:\AdwCleaner[S3].txt
2013-03-23 20:16:15 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 20:04:10 ----A---- C:\AdwCleaner[S1].txt
2013-03-23 19:55:36 ----A---- C:\AdwCleaner[R1].txt
2013-03-23 18:50:15 ----D---- C:\rsit
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-24 08:31:26 ----D---- C:\Windows\Temp
2013-03-24 08:31:25 ----D---- C:\Program Files\trend micro
2013-03-24 08:30:58 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-24 08:29:23 ----D---- C:\ProgramData\MFAData
2013-03-24 08:27:11 ----D---- C:\Windows\system32\config
2013-03-24 08:24:00 ----D---- C:\Windows\tracing
2013-03-24 08:20:24 ----D---- C:\Windows\system32\drivers\etc
2013-03-24 08:20:17 ----D---- C:\Windows
2013-03-24 08:19:46 ----RD---- C:\Program Files (x86)\Skype
2013-03-24 08:19:46 ----D---- C:\Windows\Tasks
2013-03-23 20:31:36 ----D---- C:\Windows\System32
2013-03-23 20:31:36 ----D---- C:\Windows\inf
2013-03-23 20:31:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-23 20:26:27 ----D---- C:\Windows\Prefetch
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119525
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaneřáděný ntb...
Dvouklikem na soubor C:\Program Files\trend micro\Pospisil.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.R3 - Default URLSearchHook is missing
O15 - Trusted Zone: *.pectest.cdcargo.cz
O15 - Trusted Zone: http://*.jv.cd.cz
O15 - Trusted Zone: http://*.mk.cd.cz
O15 - Trusted Zone: *.seznam.cz
O15 - Trusted Zone: http://webmail.szdc.cz
O15 - Trusted Zone: http://login.szn.cz
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dreamteam2cz
- Návštěvník
- Příspěvky: 53
- Registrován: 06 úno 2011 21:14
Re: Zaneřáděný ntb...
Provedeno. Nyní se již okno neukazuje - děkuji. PS. Mám někde chybu v zabezpečení? - aby se mi to neopakovalo? Vcelku využívám vícero druhů připojení k internetu (domácí WIFI, CDMA, firemní LAN), a někdy se mi stane, že při odpojení od sítě se mi ukáže modrá smrt. Lze vyčíst z logu, čím by to mohlo býti? Děkuji velice.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pospisil at 2013-03-24 11:57:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:46, on 24.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Pospisil.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2.szdc.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cd.cz;*.szdc.cz;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16329 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=abfd613b-e84e-4007-adf6-1b2f97f03f39 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\3640ce58-3cd1-4a68-bbc8-1051b69d6e78-1f0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=29a4491c-ffbd-4928-b9b2-800172c18d1c /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\2c384e6b-ed73-4417-961d-0978b44db109-d30-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"taskhost.exe"
taskeng.exe {E5BAC76F-21D2-4092-BDE2-8FE2EBD63E13}
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Pospisil\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-24 11:57:35 ----D---- C:\rsit
2013-03-23 22:12:33 ----A---- C:\AdwCleaner[S3].txt
2013-03-23 20:16:15 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 20:04:10 ----A---- C:\AdwCleaner[S1].txt
2013-03-23 19:55:36 ----A---- C:\AdwCleaner[R1].txt
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-24 11:57:40 ----D---- C:\Windows\Temp
2013-03-24 11:57:39 ----D---- C:\Program Files\trend micro
2013-03-24 11:56:03 ----D---- C:\Windows\tracing
2013-03-24 11:54:54 ----D---- C:\Windows\system32\config
2013-03-24 11:53:52 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-24 11:35:03 ----D---- C:\ProgramData\MFAData
2013-03-24 08:20:24 ----D---- C:\Windows\system32\drivers\etc
2013-03-24 08:20:17 ----D---- C:\Windows
2013-03-24 08:19:46 ----RD---- C:\Program Files (x86)\Skype
2013-03-24 08:19:46 ----D---- C:\Windows\Tasks
2013-03-23 20:31:36 ----D---- C:\Windows\System32
2013-03-23 20:31:36 ----D---- C:\Windows\inf
2013-03-23 20:31:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-23 20:26:27 ----D---- C:\Windows\Prefetch
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pospisil at 2013-03-24 11:57:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 15 GB (10%) free of 147 GB
Total RAM: 3996 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:46, on 24.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\Pospisil.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.szdc.cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Správa železniční dopravní cesty, státní organizace
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxysetup2.szdc.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2.szdc.cz:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.cd.cz;*.szdc.cz;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/In ... ect121.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{3638927E-E897-4A11-B10E-2A88316E2765}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{62103EC7-3C2B-4559-B56F-462C5ECA3A15}: NameServer = 10.4.10.10,10.4.12.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = red.szdc.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = red.szdc.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\bin\APSHook.dll PGPmapih.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PGPserv - PGP Corporation - C:\Windows\SysWOW64\PGPserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16329 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=abfd613b-e84e-4007-adf6-1b2f97f03f39 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\3640ce58-3cd1-4a68-bbc8-1051b69d6e78-1f0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ShrewSoft\VPN Client\dtpd.exe" -service
C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
"C:\Program Files\ShrewSoft\VPN Client\iked.exe" -service
"C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe" -service
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sIR
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PGPserv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\UI0Detect.exe
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=29a4491c-ffbd-4928-b9b2-800172c18d1c /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\2c384e6b-ed73-4417-961d-0978b44db109-d30-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"taskhost.exe"
taskeng.exe {E5BAC76F-21D2-4092-BDE2-8FE2EBD63E13}
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe" /Start
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Pospisil\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForPospisil.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pospisil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Pospisil\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-01-20 28539272]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"PTHOSTTR"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]
"RIMBBLaunchAgent.exe"=c:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASCredProv64
PGPpwflt
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uvnc_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2013-03-24 11:57:35 ----D---- C:\rsit
2013-03-23 22:12:33 ----A---- C:\AdwCleaner[S3].txt
2013-03-23 20:16:15 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 20:04:10 ----A---- C:\AdwCleaner[S1].txt
2013-03-23 19:55:36 ----A---- C:\AdwCleaner[R1].txt
2013-03-14 03:04:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 03:04:04 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 03:04:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\url.dll
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 03:04:02 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 03:04:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 03:04:01 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 03:04:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 03:03:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 03:03:59 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 03:03:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 03:03:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 03:03:55 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 03:03:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 03:03:54 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 02:41:35 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-09 12:16:59 ----D---- C:\Users\Pospisil\AppData\Roaming\AVG
2013-03-09 12:16:06 ----D---- C:\ProgramData\AVG
2013-03-09 12:15:52 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-06 19:57:29 ----D---- C:\Users\Pospisil\AppData\Roaming\langmaster.gopas
2013-03-06 19:56:42 ----AD---- C:\ProgramData\TEMP
2013-03-06 19:47:58 ----D---- C:\Program Files (x86)\Gopas
2013-03-03 18:43:46 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-03-02 21:39:15 ----D---- C:\Program Files (x86)\Microsoft SkyDrive
2013-03-02 21:38:57 ----D---- C:\ProgramData\Microsoft SkyDrive
2013-03-02 21:05:43 ----D---- C:\Program Files\Microsoft Office 15
2013-03-02 20:40:25 ----D---- C:\Users\Pospisil\AppData\Roaming\WinISO Computing
2013-03-02 20:40:19 ----A---- C:\Windows\system32\drivers\WinisoCDBus.sys
2013-03-02 20:40:13 ----D---- C:\Program Files (x86)\WinISO Computing
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 07:26:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 07:26:22 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:26:22 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:26:19 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 07:26:19 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:26:18 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:26:18 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 07:26:17 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 07:26:16 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 07:26:14 ----A---- C:\Windows\system32\d2d1.dll
2013-02-28 07:26:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
======List of files/folders modified in the last 1 months======
2013-03-24 11:57:40 ----D---- C:\Windows\Temp
2013-03-24 11:57:39 ----D---- C:\Program Files\trend micro
2013-03-24 11:56:03 ----D---- C:\Windows\tracing
2013-03-24 11:54:54 ----D---- C:\Windows\system32\config
2013-03-24 11:53:52 ----D---- C:\Users\Pospisil\AppData\Roaming\Skype
2013-03-24 11:35:03 ----D---- C:\ProgramData\MFAData
2013-03-24 08:20:24 ----D---- C:\Windows\system32\drivers\etc
2013-03-24 08:20:17 ----D---- C:\Windows
2013-03-24 08:19:46 ----RD---- C:\Program Files (x86)\Skype
2013-03-24 08:19:46 ----D---- C:\Windows\Tasks
2013-03-23 20:31:36 ----D---- C:\Windows\System32
2013-03-23 20:31:36 ----D---- C:\Windows\inf
2013-03-23 20:31:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-23 20:26:27 ----D---- C:\Windows\Prefetch
2013-03-23 16:51:22 ----SHD---- C:\System Volume Information
2013-03-23 09:43:57 ----D---- C:\Programy
2013-03-23 09:39:15 ----SHD---- C:\Windows\Installer
2013-03-23 09:37:48 ----HD---- C:\Config.Msi
2013-03-23 09:37:20 ----D---- C:\Windows\system32\DriverStore
2013-03-23 09:37:20 ----D---- C:\Windows\system32\catroot
2013-03-23 09:36:50 ----D---- C:\Windows\system32\drivers
2013-03-22 08:22:56 ----D---- C:\Windows\system32\Tasks
2013-03-21 17:29:20 ----D---- C:\ProgramData\Adobe
2013-03-20 10:40:57 ----D---- C:\Tiskopis LP plán místo - SAP.dot
2013-03-18 13:07:29 ----D---- C:\Windows\Minidump
2013-03-18 06:22:22 ----D---- C:\Windows\ModemLogs
2013-03-15 08:17:33 ----D---- C:\Windows\SysWOW64
2013-03-15 08:17:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-14 10:21:27 ----D---- C:\Windows\rescache
2013-03-14 05:18:22 ----D---- C:\Windows\winsxs
2013-03-14 05:17:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 05:17:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 03:32:22 ----D---- C:\Windows\AppPatch
2013-03-14 03:32:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 03:32:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 03:32:19 ----D---- C:\Windows\system32\migration
2013-03-14 03:32:18 ----D---- C:\Program Files\Internet Explorer
2013-03-14 03:16:25 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 03:09:09 ----D---- C:\Windows\debug
2013-03-14 03:08:59 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 03:04:48 ----D---- C:\Windows\system32\catroot2
2013-03-12 10:19:05 ----D---- C:\VREP
2013-03-11 10:26:31 ----D---- C:\ProgramData\FLEXnet
2013-03-10 21:33:37 ----D---- C:\Program Files (x86)\AVG
2013-03-09 16:23:54 ----D---- C:\Windows\system32\LogFiles
2013-03-09 12:16:06 ----HD---- C:\ProgramData
2013-03-09 11:17:00 ----RD---- C:\Program Files (x86)
2013-03-08 06:03:58 ----D---- C:\Users\Pospisil\AppData\Roaming\602XML
2013-03-04 05:53:17 ----D---- C:\HRDATA
2013-03-03 22:30:44 ----D---- C:\Windows\Microsoft.NET
2013-03-03 21:17:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-03 21:05:21 ----RSD---- C:\Windows\assembly
2013-03-03 20:15:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-03 20:15:53 ----D---- C:\Windows\system32\en-US
2013-03-03 19:47:18 ----D---- C:\Program Files (x86)\MSBuild
2013-03-03 19:40:42 ----RD---- C:\Program Files
2013-03-03 19:27:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-03 18:44:30 ----SD---- C:\Users\Pospisil\AppData\Roaming\Microsoft
2013-03-03 18:43:48 ----RSD---- C:\Windows\Fonts
2013-03-03 18:43:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-03 08:59:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-03 08:59:57 ----D---- C:\Windows\system32\cs-CZ
2013-03-02 22:28:12 ----D---- C:\Program Files (x86)\Microsoft Office
2013-03-02 22:26:23 ----D---- C:\Program Files\CCleaner
2013-03-02 21:16:53 ----SD---- C:\ProgramData\Microsoft
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 07:35:18 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 07:35:17 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 07:35:16 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 07:35:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 07:35:06 ----D---- C:\Windows\system32\pt-BR
2013-02-28 07:35:06 ----D---- C:\Windows\system32\it-IT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pt-PT
2013-02-28 07:35:05 ----D---- C:\Windows\system32\pl-PL
2013-02-28 07:35:05 ----D---- C:\Windows\system32\ko-KR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\zh-HK
2013-02-28 07:35:04 ----D---- C:\Windows\system32\nl-NL
2013-02-28 07:35:04 ----D---- C:\Windows\system32\hu-HU
2013-02-28 07:35:04 ----D---- C:\Windows\system32\fr-FR
2013-02-28 07:35:04 ----D---- C:\Windows\system32\el-GR
2013-02-28 07:35:03 ----D---- C:\Windows\system32\fi-FI
2013-02-28 07:35:02 ----D---- C:\Windows\system32\tr-TR
2013-02-28 07:35:02 ----D---- C:\Windows\system32\sv-SE
2013-02-28 07:35:01 ----D---- C:\Windows\system32\zh-TW
2013-02-28 07:35:01 ----D---- C:\Windows\system32\es-ES
2013-02-28 07:35:01 ----D---- C:\Windows\system32\de-DE
2013-02-28 07:35:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 07:35:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 07:35:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 07:34:59 ----D---- C:\Windows\system32\da-DK
2013-02-25 04:16:40 ----D---- C:\ProgramData\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pgpfs;PGP File Sharing; C:\Windows\System32\Drivers\PGPfsfd.sys [2010-02-15 169592]
R0 PGPwded;PGPwded Storage Filter Service; C:\Windows\system32\drivers\PGPwded.sys [2010-02-15 332920]
R0 Pgpwdefs;Pgpwdefs; C:\Windows\system32\DRIVERS\Pgpwdefs.sys [2010-02-15 14456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R2 PGPdisk;PGPdisk; C:\Windows\system32\drivers\PGPdisk.sys [2010-02-15 274552]
R2 PGPsdkDriver;PGPsdkDriver; C:\Windows\System32\Drivers\PGPsdk.sys [2010-02-15 50296]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-08-30 1109296]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 52584]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 17720]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 azvusb;Virtual USB Hub; C:\Windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-11-04 944640]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-10-22 44544]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-07-09 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2010-08-04 6075816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 dtpd;ShrewSoft DNS Proxy Daemon; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [2009-11-15 50688]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [2011-04-18 332160]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 iked;ShrewSoft IKE Daemon; C:\Program Files\ShrewSoft\VPN Client\iked.exe [2009-11-15 948224]
R2 ipsecd;ShrewSoft IPSEC Daemon; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [2009-11-15 690688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$IR;SQL Server (IR); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [2013-02-21 186488]
R2 PGPserv;PGPserv; C:\Windows\SysWOW64\PGPserv.exe [2010-02-15 135288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-17 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-09-11 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 iswinservice;ISWin Service; C:\Program Files (x86)\ISWIN\ISwinService.exe [2011-09-17 22016]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119525
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zaneřáděný ntb...
Log je již OK. Patrně nějaký spyware (což není virus) se někam zapsal a spouštěl se. Můžete zkusit přidat třeba SpywareTerminatora: http://www.stahuj.centrum.cz/utility_a_ ... erminator/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?
