Logfile of random's system information tool 1.09 (written by random/random)
Run by uživatel at 2013-09-25 21:10:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 221 GB (38%) free of 589 GB
Total RAM: 3552 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:49, on 25.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Google Update] "C:\Users\uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{62995024-B86A-454C-9332-0FD5EF260752}: NameServer = 1.1.1.1,1.1.1.17
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)
O23 - Service: HP Software Framework Service (hpqwmiex) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 11448 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 32846880
\??\C:\windows\system32\conhost.exe "1438302535-12555891944201000741583871319752983672-19756104614738162731403919412
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe"
C:\windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\windows\Explorer.EXE
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\windows\system32\Dwm.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2548
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\windows\System32\alg.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\uživatel\Desktop\RogueKiller.exe"
"C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1096.0.1937973487\1912573649" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --disable-image-transport-surface --reduce-gpu-sandbox --gpu-vendor-id=0x1002 --gpu-device-id=0x9647 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.836.1.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="1096.1.1404980227\1013342853" /prefetch:673131151
"C:\Users\uživatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="1096.2.913190713\2081058706" /prefetch:673131151
"C:\Users\uživatel\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3895686349-747113448-2056458508-1001Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3895686349-747113448-2056458508-1001UA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3895686349-747113448-2056458508-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3895686349-747113448-2056458508-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\cy88v6ad.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-18 2710824]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-11 1128448]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-22 4035152]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"Kernel and Hardware Abstraction Layer"=C:\windows\KHALMNPR.EXE [2009-06-17 130576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\uživatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Facebook Update"=C:\Users\uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-06 138096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-04-22 658424]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-26 336384]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe []
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 76816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-23 13:49:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-23 12:41:54 ----D---- C:\AdwCleaner
2013-09-22 15:20:45 ----D---- C:\Users\uživatel\AppData\Roaming\Malwarebytes
2013-09-22 15:20:28 ----D---- C:\ProgramData\Malwarebytes
2013-09-12 13:02:33 ----D---- C:\Program Files (x86)\Rockstar Games
2013-09-11 23:53:56 ----A---- C:\windows\SYSWOW64\Msvcr71.dll
2013-09-11 23:53:56 ----A---- C:\windows\SYSWOW64\mfc71.dll
2013-09-11 23:53:55 ----A---- C:\windows\SYSWOW64\gdiplus.dll
2013-09-11 21:47:46 ----SHD---- C:\ProgramData\SecuROM
2013-09-11 21:46:03 ----RHD---- C:\Users\uživatel\AppData\Roaming\SecuROM
2013-09-11 21:40:50 ----A---- C:\windows\SYSWOW64\CmdLineExt_x64.dll
2013-09-11 10:16:37 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-09-11 10:16:37 ----A---- C:\windows\system32\ieui.dll
2013-09-11 10:16:35 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-09-11 10:16:35 ----A---- C:\windows\system32\iesetup.dll
2013-09-11 10:16:34 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-11 10:16:34 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-09-11 10:16:34 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-09-11 10:16:34 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:16:34 ----A---- C:\windows\system32\iesysprep.dll
2013-09-11 10:16:34 ----A---- C:\windows\system32\iernonce.dll
2013-09-11 10:16:34 ----A---- C:\windows\system32\ie4uinit.exe
2013-09-11 10:16:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-09-11 10:16:32 ----A---- C:\windows\system32\iertutil.dll
2013-09-11 10:16:30 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-09-11 10:16:29 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-09-11 10:16:29 ----A---- C:\windows\system32\msfeeds.dll
2013-09-11 10:16:29 ----A---- C:\windows\system32\jscript.dll
2013-09-11 10:16:27 ----A---- C:\windows\system32\jscript9.dll
2013-09-11 10:16:24 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-09-11 10:16:23 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-09-11 10:16:22 ----A---- C:\windows\system32\urlmon.dll
2013-09-11 10:16:20 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-09-11 10:16:20 ----A---- C:\windows\system32\jsproxy.dll
2013-09-11 10:16:18 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-09-11 10:16:17 ----A---- C:\windows\system32\wininet.dll
2013-09-11 10:16:13 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-09-11 10:16:11 ----A---- C:\windows\system32\ieframe.dll
2013-09-11 10:16:07 ----A---- C:\windows\system32\mshtml.dll
2013-09-11 10:15:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-09-10 23:52:00 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-09-10 23:51:59 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-09-10 23:51:58 ----A---- C:\windows\system32\ntoskrnl.exe
2013-09-10 23:51:58 ----A---- C:\windows\system32\ntdll.dll
2013-09-10 23:51:57 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-09-10 23:51:57 ----A---- C:\windows\system32\KernelBase.dll
2013-09-10 23:51:56 ----A---- C:\windows\SYSWOW64\kernel32.dll
2013-09-10 23:51:56 ----A---- C:\windows\system32\wow64.dll
2013-09-10 23:51:55 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2013-09-10 23:51:55 ----A---- C:\windows\system32\winsrv.dll
2013-09-10 23:51:55 ----A---- C:\windows\system32\smss.exe
2013-09-10 23:51:55 ----A---- C:\windows\system32\kernel32.dll
2013-09-10 23:51:55 ----A---- C:\windows\system32\csrsrv.dll
2013-09-10 23:51:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 23:51:54 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 23:51:54 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-09-10 23:51:54 ----A---- C:\windows\system32\wow64win.dll
2013-09-10 23:51:54 ----A---- C:\windows\system32\wow64cpu.dll
2013-09-10 23:51:54 ----A---- C:\windows\system32\ntvdm64.dll
2013-09-10 23:51:54 ----A---- C:\windows\system32\conhost.exe
2013-09-10 23:51:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 23:51:53 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 23:51:53 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-09-10 23:51:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 23:51:52 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 23:51:51 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 23:51:50 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 23:51:49 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 23:51:48 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 23:51:48 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 23:51:48 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 23:51:48 ----A---- C:\windows\SYSWOW64\user.exe
2013-09-10 23:51:48 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-09-10 23:51:48 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-09-10 23:51:48 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2013-09-10 23:51:48 ----A---- C:\windows\system32\apisetschema.dll
2013-09-10 23:18:57 ----A---- C:\windows\system32\drivers\ataport.sys
2013-09-10 22:57:58 ----A---- C:\windows\system32\win32k.sys
2013-09-10 22:57:06 ----A---- C:\windows\system32\shell32.dll
2013-09-10 22:57:02 ----A---- C:\windows\SYSWOW64\shell32.dll
2013-09-10 22:57:01 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2013-09-10 22:57:01 ----A---- C:\windows\system32\shdocvw.dll
======List of files/folders modified in the last 1 month======
2013-09-25 21:10:49 ----D---- C:\windows\Prefetch
2013-09-25 21:10:48 ----D---- C:\windows\Temp
2013-09-25 21:10:48 ----D---- C:\Program Files\trend micro
2013-09-25 19:27:46 ----D---- C:\windows\System32
2013-09-25 19:27:46 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-25 19:27:45 ----D---- C:\windows\inf
2013-09-25 16:35:30 ----D---- C:\windows\system32\drivers
2013-09-25 13:25:39 ----D---- C:\windows\system32\config
2013-09-25 13:12:49 ----D---- C:\ProgramData\PDFC
2013-09-24 11:09:59 ----SHD---- C:\System Volume Information
2013-09-23 13:49:31 ----RD---- C:\Program Files (x86)
2013-09-23 13:49:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-23 13:15:48 ----D---- C:\windows\system32\catroot2
2013-09-23 12:40:08 ----D---- C:\Windows
2013-09-22 15:20:28 ----HD---- C:\ProgramData
2013-09-18 19:53:00 ----D---- C:\Users\uživatel\AppData\Roaming\vlc
2013-09-12 16:31:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-12 14:56:40 ----D---- C:\windows\rescache
2013-09-12 13:29:01 ----SHD---- C:\windows\Installer
2013-09-12 13:28:29 ----RSD---- C:\windows\assembly
2013-09-11 23:53:56 ----D---- C:\windows\SysWOW64
2013-09-11 20:36:45 ----D---- C:\windows\winsxs
2013-09-11 20:35:57 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-11 20:35:55 ----D---- C:\Program Files\Internet Explorer
2013-09-11 10:17:06 ----D---- C:\windows\system32\catroot
2013-09-11 10:08:01 ----D---- C:\ProgramData\Microsoft Help
2013-09-11 10:00:42 ----D---- C:\windows\AppPatch
2013-09-11 10:00:40 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-09-11 10:00:39 ----D---- C:\windows\system32\cs-CZ
2013-09-11 10:00:38 ----D---- C:\windows\system32\DriverStore
2013-09-11 00:49:04 ----D---- C:\windows\system32\MRT
2013-09-11 00:48:19 ----D---- C:\windows\Microsoft.NET
2013-09-11 00:46:38 ----A---- C:\windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-05 30008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-03 283200]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-05 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 9263104]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 300544]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2011-04-07 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-05-11 523264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2011-04-18 1413168]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-05-25 204288]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-05 30520]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-04-22 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [2012-12-31 186760]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-11 301056]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06 116648]
S2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-08-25 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-25 655624]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-11 118680]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-01-31 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Stahnete OTL 
Vypnete antivir, at nebrani programu v praci!
To myslite vazne??? Na plose by meli byt jen zastupci, pripadne par dalsich drobnosti, ale velikost by nemela prekrocit 200-300MB! 
Přispějete na provoz fóra?