Nod32 našel toto:
C:\Documents and Settings\milosak\Local Settings\Temporary Internet Files\Content.IE5\A6Q6QP2W\kmp[1].exe Win32/SoftonicDownloader.D potenciálně nechtěná aplikace Léčit
C:\Documents and Settings\milosak\Local Settings\Temporary Internet Files\Content.IE5\QWWZTX03\kmp[1].exe Win32/SoftonicDownloader.D potenciálně nechtěná aplikace Léčit
Přikládám log a prosím o kontrolu. Díky.
Logfile of random's system information tool 1.10 (written by random/random)
Run by milosak at 2016-01-28 23:26:00
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (10%) free of 95 GB
Total RAM: 1023 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:26:22, on 28.1.2016
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\System32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\1Password 4\Agile1pAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Cobian Backup 11\Cobian.exe
C:\Program Files\SlimStar 250\MagicKey.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\SlimStar 250\OSD.EXE
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\PSPad editor\PSPad.exe
c:\Documents and Settings\milosak\Dokumenty\webmaster\ZKUŠEBNÍ\RSIT.exe
C:\Program Files\trend micro\milosak.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?hl=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 88.86.104.16 www.littleschool.cz
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: 1Password - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S91.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Agile1pAgent] C:\Program Files\1Password 4\Agile1pAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - texty.ahk.lnk = C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
O4 - Global Startup: SlimStar 250.lnk = C:\Program Files\SlimStar 250\MagicKey.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra 'Tools' menuitem: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Správa aplikací AppMgmtNtmsSvc (AppMgmtNtmsSvc) - Unknown owner - C:\WINDOWS\
O23 - Service: ASP.NET State Service aspnet_stateTapiSrv (aspnet_stateTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Indexing Service cisvcThemes (cisvcThemes) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesTapiSrv (cisvcThemesTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesVSS (cisvcThemesVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: Klient DNS Dnscachewinmgmt (Dnscachewinmgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Systém událostí modelu COM+ EventSystemRDSessMgr (EventSystemRDSessMgr) - Unknown owner - C:\WINDOWS\
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Machine Debug Manager MDM HotKey Poller (MDM HotKey Poller) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDMBrowser (MDMBrowser) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDM HotKey Poller MDMdmserver (MDMdmserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Zprostředkovatel zabezpečení NT LM NtLmSspSpooler (NtLmSspSpooler) - Unknown owner - C:\WINDOWS\
O23 - Service: Služby IPSEC PolicyAgentVSS (PolicyAgentVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Načítání obrázků (WIA) stisvcMSIServer (stisvcMSIServer) - Unknown owner - C:\WINDOWS\
O23 - Service: Motivy ThemesNetlogon (ThemesNetlogon) - Unknown owner - C:\WINDOWS\
O23 - Service: Telnet TlntSvrNtLmSsp (TlntSvrNtLmSsp) - Unknown owner - C:\WINDOWS\
O23 - Service: Hostitel zařízení UPnP upnphostlanmanserver (upnphostlanmanserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Adaptér výkonu služby WMI WmiApSrvTrkWks (WmiApSrvTrkWks) - Unknown owner - C:\WINDOWS\
--
End of file - 11091 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\extensions\
cs@dictionaries.addons.mozilla.org
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\searchplugins\
firmycz.xml
google-images.xml
googlemaps.xml
googletranslate.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL [2015-12-30 2200848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-05 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-02 842296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-07-28 110592]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-06 86016]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2011-09-01 339968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 2312824]
"Agile1pAgent"=C:\Program Files\1Password 4\Agile1pAgent.exe [2015-12-30 4879120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-28 68856]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe /autostart []
"Cobian Backup 11"=C:\Program Files\Cobian Backup 11\Cobian.exe [2013-03-07 720896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\milosak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-28 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2006-02-02 1753088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^e-Backup 1.42 Scheduler.lnk]
C:\WINDOWS\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe /S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^milosak^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [2010-06-07 1195520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SlimStar 250.lnk - C:\Program Files\SlimStar 250\MagicKey.exe
C:\Documents and Settings\milosak\Nabídka Start\Programy\Po spuštění
Zástupce - texty.ahk.lnk - C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe:*:Disabled:ASUS Download Master Utility"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.tscc"=tsccvid.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv
"aux"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"wave2"=serwvdrv.dll
"VIDC.CSCD"=camcodec.dll
"vidc.XVID"=xvidvfw.dll
======List of files/folders created in the last 1 month======
2016-01-26 23:59:09 ----D---- C:\Program Files\Mozilla Firefox
2016-01-12 11:17:40 ----A---- C:\WINDOWS\system32\ChilkatZip2.dll
2016-01-12 11:17:39 ----A---- C:\WINDOWS\system32\ChilkatCrypt2.dll
2016-01-12 11:17:16 ----D---- C:\Program Files\1Password 4
2016-01-08 23:04:22 ----SHD---- C:\Config.Msi
======List of files/folders modified in the last 1 month======
2016-01-28 23:26:09 ----D---- C:\Program Files\trend micro
2016-01-28 23:26:02 ----D---- C:\WINDOWS\Prefetch
2016-01-28 23:23:42 ----D---- C:\WINDOWS\temp
2016-01-28 22:28:56 ----D---- C:\Program Files
2016-01-28 22:22:43 ----A---- C:\WINDOWS\WINCMD.INI
2016-01-28 14:04:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-28 12:08:51 ----A---- C:\WINDOWS\wcx_ftp.ini
2016-01-28 09:14:58 ----D---- C:\WINDOWS\system32
2016-01-27 16:26:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-27 00:41:19 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-25 11:03:29 ----AC---- C:\WINDOWS\NeroDigital.ini
2016-01-18 01:42:21 ----D---- C:\Program Files\Dropbox
2016-01-18 01:42:19 ----SD---- C:\WINDOWS\Tasks
2016-01-18 01:42:17 ----SHD---- C:\WINDOWS\Installer
2016-01-12 11:17:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-01-08 23:05:31 ----D---- C:\Program Files\KeyWallet
2016-01-08 23:04:22 ----D---- C:\Program Files\Common Files
2016-01-06 01:20:49 ----D---- C:\WINDOWS\system32\Restore
2015-12-30 00:53:39 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-12-30 00:53:26 ----D---- C:\WINDOWS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-09-08 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 risdptsk;risdptsk; C:\WINDOWS\System32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2006-04-21 12963]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-21 8429]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2015-06-18 20240]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2015-06-18 52368]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2015-06-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 53904]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 47632]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\System32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\milosak\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2014-03-19 28312]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\system32\DRIVERS\wlluc48.sys [2004-08-03 154624]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 AppMgmtNtmsSvc;Správa aplikací AppMgmtNtmsSvc; đ%€|x srv []
S2 aspnet_stateTapiSrv;ASP.NET State Service aspnet_stateTapiSrv; đ%€|x srv []
S2 cisvcThemes;Indexing Service cisvcThemes; đ%€|x srv []
S2 cisvcThemesTapiSrv;Indexing Service cisvcThemes cisvcThemesTapiSrv; đ%€|x srv []
S2 cisvcThemesVSS;Indexing Service cisvcThemes cisvcThemesVSS; đ%€|x srv []
S2 Dnscachewinmgmt;Klient DNS Dnscachewinmgmt; đ%€|x srv []
S2 EventSystemRDSessMgr;Systém událostí modelu COM+ EventSystemRDSessMgr; đ%€|x srv []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MDM HotKey Poller;Machine Debug Manager MDM HotKey Poller; đ%€|x srv []
S2 MDMBrowser;Machine Debug Manager MDMBrowser; đ%€|x srv []
S2 MDMdmserver;Machine Debug Manager MDM HotKey Poller MDMdmserver; đ%€|x srv []
S2 NtLmSspSpooler;Zprostředkovatel zabezpečení NT LM NtLmSspSpooler; đ%€|x srv []
S2 PolicyAgentVSS;Služby IPSEC PolicyAgentVSS; đ%€|x srv []
S2 stisvcMSIServer;Načítání obrázků (WIA) stisvcMSIServer; đ%€|x srv []
S2 ThemesNetlogon;Motivy ThemesNetlogon; đ%€|x srv []
S2 TlntSvrNtLmSsp;Telnet TlntSvrNtLmSsp; đ%€|x srv []
S2 upnphostlanmanserver;Hostitel zařízení UPnP upnphostlanmanserver; đ%€|x srv []
S2 WmiApSrvTrkWks;Adaptér výkonu služby WMI WmiApSrvTrkWks; đ%€|x srv []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FileZilla Server;FileZilla Server FTP server; c:\xampp\FileZillaFTP\FileZillaServer.exe [2011-06-07 630272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-25 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 292808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-27 146888]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
SoftonicDownloader
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: SoftonicDownloader
Díky za reakci. Přikládám log.
# AdwCleaner v5.031 - Logfile created 29/01/2016 at 19:17:48
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 2 (x86)
# Username : milosak - ASUS
# Running from : C:\Documents and Settings\milosak\Plocha\adwcleaner_5.031.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Documents and Settings\milosak\Data aplikací\Uniblue
[-] Folder Deleted : C:\Documents and Settings\milosak\Data aplikací\Yahoo!\Companion
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0DC81A74-1FBD-4EF6-82B2-DE3FA05E8233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B26E4A2-7F09-4365-9AB8-13E6891E42CB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21402197-BB5B-476C-AA1D-3FFED8ED813A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{42E8D680-A18B-4CAA-ACE0-18EA05E4A056}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{454A4044-16EC-4D64-9069-C5B8832B7B55}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8F2B3016-17D4-447A-B207-FFA8957A834A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F8FA5B48-B7A2-4BC6-8389-9587643A4660}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Uniblue
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2491 bytes] ##########
# AdwCleaner v5.031 - Logfile created 29/01/2016 at 19:17:48
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 2 (x86)
# Username : milosak - ASUS
# Running from : C:\Documents and Settings\milosak\Plocha\adwcleaner_5.031.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Documents and Settings\milosak\Data aplikací\Uniblue
[-] Folder Deleted : C:\Documents and Settings\milosak\Data aplikací\Yahoo!\Companion
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0DC81A74-1FBD-4EF6-82B2-DE3FA05E8233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B26E4A2-7F09-4365-9AB8-13E6891E42CB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21402197-BB5B-476C-AA1D-3FFED8ED813A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{42E8D680-A18B-4CAA-ACE0-18EA05E4A056}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{454A4044-16EC-4D64-9069-C5B8832B7B55}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8F2B3016-17D4-447A-B207-FFA8957A834A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F8FA5B48-B7A2-4BC6-8389-9587643A4660}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Uniblue
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2491 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: SoftonicDownloader
Je zde.
Logfile of random's system information tool 1.10 (written by random/random)
Run by milosak at 2016-01-29 21:14:42
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (9%) free of 95 GB
Total RAM: 1023 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:59, on 29.1.2016
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\1Password 4\Agile1pAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Cobian Backup 11\Cobian.exe
C:\Program Files\SlimStar 250\MagicKey.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\SlimStar 250\OSD.EXE
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\xampp\apache\bin\httpd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\System32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\PSPad editor\PSPad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\Documents and Settings\milosak\Dokumenty\webmaster\ZKUŠEBNÍ\RSIT.exe
C:\Program Files\trend micro\milosak.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?hl=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 88.86.104.16 www.littleschool.cz
O2 - BHO: 1Password - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S91.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Agile1pAgent] C:\Program Files\1Password 4\Agile1pAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - texty.ahk.lnk = C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
O4 - Global Startup: SlimStar 250.lnk = C:\Program Files\SlimStar 250\MagicKey.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra 'Tools' menuitem: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Správa aplikací AppMgmtNtmsSvc (AppMgmtNtmsSvc) - Unknown owner - C:\WINDOWS\
O23 - Service: ASP.NET State Service aspnet_stateTapiSrv (aspnet_stateTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Indexing Service cisvcThemes (cisvcThemes) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesTapiSrv (cisvcThemesTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesVSS (cisvcThemesVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: Klient DNS Dnscachewinmgmt (Dnscachewinmgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Systém událostí modelu COM+ EventSystemRDSessMgr (EventSystemRDSessMgr) - Unknown owner - C:\WINDOWS\
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Machine Debug Manager MDM HotKey Poller (MDM HotKey Poller) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDMBrowser (MDMBrowser) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDM HotKey Poller MDMdmserver (MDMdmserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Zprostředkovatel zabezpečení NT LM NtLmSspSpooler (NtLmSspSpooler) - Unknown owner - C:\WINDOWS\
O23 - Service: Služby IPSEC PolicyAgentVSS (PolicyAgentVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Načítání obrázků (WIA) stisvcMSIServer (stisvcMSIServer) - Unknown owner - C:\WINDOWS\
O23 - Service: Motivy ThemesNetlogon (ThemesNetlogon) - Unknown owner - C:\WINDOWS\
O23 - Service: Telnet TlntSvrNtLmSsp (TlntSvrNtLmSsp) - Unknown owner - C:\WINDOWS\
O23 - Service: Hostitel zařízení UPnP upnphostlanmanserver (upnphostlanmanserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Adaptér výkonu služby WMI WmiApSrvTrkWks (WmiApSrvTrkWks) - Unknown owner - C:\WINDOWS\
--
End of file - 11017 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\extensions\
cs@dictionaries.addons.mozilla.org
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\searchplugins\
firmycz.xml
google-images.xml
googlemaps.xml
googletranslate.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL [2015-12-30 2200848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-05 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-02 842296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-07-28 110592]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-06 86016]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2011-09-01 339968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 2312824]
"Agile1pAgent"=C:\Program Files\1Password 4\Agile1pAgent.exe [2015-12-30 4879120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-28 68856]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe /autostart []
"Cobian Backup 11"=C:\Program Files\Cobian Backup 11\Cobian.exe [2013-03-07 720896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\milosak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-28 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2006-02-02 1753088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^e-Backup 1.42 Scheduler.lnk]
C:\WINDOWS\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe /S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^milosak^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [2010-06-07 1195520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SlimStar 250.lnk - C:\Program Files\SlimStar 250\MagicKey.exe
C:\Documents and Settings\milosak\Nabídka Start\Programy\Po spuštění
Zástupce - texty.ahk.lnk - C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe:*:Disabled:ASUS Download Master Utility"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.tscc"=tsccvid.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv
"aux"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"wave2"=serwvdrv.dll
"VIDC.CSCD"=camcodec.dll
"vidc.XVID"=xvidvfw.dll
======List of files/folders created in the last 1 month======
2016-01-29 19:15:52 ----D---- C:\AdwCleaner
2016-01-26 23:59:09 ----D---- C:\Program Files\Mozilla Firefox
2016-01-12 11:17:40 ----A---- C:\WINDOWS\system32\ChilkatZip2.dll
2016-01-12 11:17:39 ----A---- C:\WINDOWS\system32\ChilkatCrypt2.dll
2016-01-12 11:17:16 ----D---- C:\Program Files\1Password 4
2016-01-08 23:04:22 ----SHD---- C:\Config.Msi
======List of files/folders modified in the last 1 month======
2016-01-29 21:14:48 ----D---- C:\Program Files\trend micro
2016-01-29 21:14:37 ----D---- C:\WINDOWS\Prefetch
2016-01-29 21:14:27 ----D---- C:\WINDOWS\temp
2016-01-29 19:29:42 ----A---- C:\WINDOWS\WINCMD.INI
2016-01-29 19:18:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-29 10:43:11 ----A---- C:\WINDOWS\wcx_ftp.ini
2016-01-29 10:28:56 ----D---- C:\Program Files
2016-01-29 09:55:13 ----AC---- C:\WINDOWS\NeroDigital.ini
2016-01-28 09:14:58 ----D---- C:\WINDOWS\system32
2016-01-27 16:26:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-27 00:41:19 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-18 01:42:21 ----D---- C:\Program Files\Dropbox
2016-01-18 01:42:19 ----SD---- C:\WINDOWS\Tasks
2016-01-18 01:42:17 ----SHD---- C:\WINDOWS\Installer
2016-01-12 11:17:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-01-08 23:05:31 ----D---- C:\Program Files\KeyWallet
2016-01-08 23:04:22 ----D---- C:\Program Files\Common Files
2016-01-06 01:20:49 ----D---- C:\WINDOWS\system32\Restore
2015-12-30 00:53:39 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-12-30 00:53:26 ----D---- C:\WINDOWS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-09-08 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 risdptsk;risdptsk; C:\WINDOWS\System32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2006-04-21 12963]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-21 8429]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2015-06-18 20240]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2015-06-18 52368]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2015-06-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 53904]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 47632]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\System32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\milosak\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2014-03-19 28312]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\system32\DRIVERS\wlluc48.sys [2004-08-03 154624]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 AppMgmtNtmsSvc;Správa aplikací AppMgmtNtmsSvc; đ%€|x srv []
S2 aspnet_stateTapiSrv;ASP.NET State Service aspnet_stateTapiSrv; đ%€|x srv []
S2 cisvcThemes;Indexing Service cisvcThemes; đ%€|x srv []
S2 cisvcThemesTapiSrv;Indexing Service cisvcThemes cisvcThemesTapiSrv; đ%€|x srv []
S2 cisvcThemesVSS;Indexing Service cisvcThemes cisvcThemesVSS; đ%€|x srv []
S2 Dnscachewinmgmt;Klient DNS Dnscachewinmgmt; đ%€|x srv []
S2 EventSystemRDSessMgr;Systém událostí modelu COM+ EventSystemRDSessMgr; đ%€|x srv []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MDM HotKey Poller;Machine Debug Manager MDM HotKey Poller; đ%€|x srv []
S2 MDMBrowser;Machine Debug Manager MDMBrowser; đ%€|x srv []
S2 MDMdmserver;Machine Debug Manager MDM HotKey Poller MDMdmserver; đ%€|x srv []
S2 NtLmSspSpooler;Zprostředkovatel zabezpečení NT LM NtLmSspSpooler; đ%€|x srv []
S2 PolicyAgentVSS;Služby IPSEC PolicyAgentVSS; đ%€|x srv []
S2 stisvcMSIServer;Načítání obrázků (WIA) stisvcMSIServer; đ%€|x srv []
S2 ThemesNetlogon;Motivy ThemesNetlogon; đ%€|x srv []
S2 TlntSvrNtLmSsp;Telnet TlntSvrNtLmSsp; đ%€|x srv []
S2 upnphostlanmanserver;Hostitel zařízení UPnP upnphostlanmanserver; đ%€|x srv []
S2 WmiApSrvTrkWks;Adaptér výkonu služby WMI WmiApSrvTrkWks; đ%€|x srv []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FileZilla Server;FileZilla Server FTP server; c:\xampp\FileZillaFTP\FileZillaServer.exe [2011-06-07 630272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-25 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 292808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-27 146888]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by milosak at 2016-01-29 21:14:42
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (9%) free of 95 GB
Total RAM: 1023 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:59, on 29.1.2016
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\1Password 4\Agile1pAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Cobian Backup 11\Cobian.exe
C:\Program Files\SlimStar 250\MagicKey.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\SlimStar 250\OSD.EXE
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\xampp\apache\bin\httpd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\System32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\PSPad editor\PSPad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\Documents and Settings\milosak\Dokumenty\webmaster\ZKUŠEBNÍ\RSIT.exe
C:\Program Files\trend micro\milosak.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?hl=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 88.86.104.16 www.littleschool.cz
O2 - BHO: 1Password - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S91.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Agile1pAgent] C:\Program Files\1Password 4\Agile1pAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - texty.ahk.lnk = C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
O4 - Global Startup: SlimStar 250.lnk = C:\Program Files\SlimStar 250\MagicKey.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra 'Tools' menuitem: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Správa aplikací AppMgmtNtmsSvc (AppMgmtNtmsSvc) - Unknown owner - C:\WINDOWS\
O23 - Service: ASP.NET State Service aspnet_stateTapiSrv (aspnet_stateTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Indexing Service cisvcThemes (cisvcThemes) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesTapiSrv (cisvcThemesTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesVSS (cisvcThemesVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: Klient DNS Dnscachewinmgmt (Dnscachewinmgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Systém událostí modelu COM+ EventSystemRDSessMgr (EventSystemRDSessMgr) - Unknown owner - C:\WINDOWS\
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Machine Debug Manager MDM HotKey Poller (MDM HotKey Poller) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDMBrowser (MDMBrowser) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDM HotKey Poller MDMdmserver (MDMdmserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Zprostředkovatel zabezpečení NT LM NtLmSspSpooler (NtLmSspSpooler) - Unknown owner - C:\WINDOWS\
O23 - Service: Služby IPSEC PolicyAgentVSS (PolicyAgentVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Načítání obrázků (WIA) stisvcMSIServer (stisvcMSIServer) - Unknown owner - C:\WINDOWS\
O23 - Service: Motivy ThemesNetlogon (ThemesNetlogon) - Unknown owner - C:\WINDOWS\
O23 - Service: Telnet TlntSvrNtLmSsp (TlntSvrNtLmSsp) - Unknown owner - C:\WINDOWS\
O23 - Service: Hostitel zařízení UPnP upnphostlanmanserver (upnphostlanmanserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Adaptér výkonu služby WMI WmiApSrvTrkWks (WmiApSrvTrkWks) - Unknown owner - C:\WINDOWS\
--
End of file - 11017 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\extensions\
cs@dictionaries.addons.mozilla.org
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\searchplugins\
firmycz.xml
google-images.xml
googlemaps.xml
googletranslate.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL [2015-12-30 2200848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-05 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-02 842296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-07-28 110592]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-06 86016]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2011-09-01 339968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 2312824]
"Agile1pAgent"=C:\Program Files\1Password 4\Agile1pAgent.exe [2015-12-30 4879120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-28 68856]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe /autostart []
"Cobian Backup 11"=C:\Program Files\Cobian Backup 11\Cobian.exe [2013-03-07 720896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\milosak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-28 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2006-02-02 1753088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^e-Backup 1.42 Scheduler.lnk]
C:\WINDOWS\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe /S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^milosak^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [2010-06-07 1195520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SlimStar 250.lnk - C:\Program Files\SlimStar 250\MagicKey.exe
C:\Documents and Settings\milosak\Nabídka Start\Programy\Po spuštění
Zástupce - texty.ahk.lnk - C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe:*:Disabled:ASUS Download Master Utility"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.tscc"=tsccvid.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv
"aux"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"wave2"=serwvdrv.dll
"VIDC.CSCD"=camcodec.dll
"vidc.XVID"=xvidvfw.dll
======List of files/folders created in the last 1 month======
2016-01-29 19:15:52 ----D---- C:\AdwCleaner
2016-01-26 23:59:09 ----D---- C:\Program Files\Mozilla Firefox
2016-01-12 11:17:40 ----A---- C:\WINDOWS\system32\ChilkatZip2.dll
2016-01-12 11:17:39 ----A---- C:\WINDOWS\system32\ChilkatCrypt2.dll
2016-01-12 11:17:16 ----D---- C:\Program Files\1Password 4
2016-01-08 23:04:22 ----SHD---- C:\Config.Msi
======List of files/folders modified in the last 1 month======
2016-01-29 21:14:48 ----D---- C:\Program Files\trend micro
2016-01-29 21:14:37 ----D---- C:\WINDOWS\Prefetch
2016-01-29 21:14:27 ----D---- C:\WINDOWS\temp
2016-01-29 19:29:42 ----A---- C:\WINDOWS\WINCMD.INI
2016-01-29 19:18:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-29 10:43:11 ----A---- C:\WINDOWS\wcx_ftp.ini
2016-01-29 10:28:56 ----D---- C:\Program Files
2016-01-29 09:55:13 ----AC---- C:\WINDOWS\NeroDigital.ini
2016-01-28 09:14:58 ----D---- C:\WINDOWS\system32
2016-01-27 16:26:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-27 00:41:19 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-18 01:42:21 ----D---- C:\Program Files\Dropbox
2016-01-18 01:42:19 ----SD---- C:\WINDOWS\Tasks
2016-01-18 01:42:17 ----SHD---- C:\WINDOWS\Installer
2016-01-12 11:17:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-01-08 23:05:31 ----D---- C:\Program Files\KeyWallet
2016-01-08 23:04:22 ----D---- C:\Program Files\Common Files
2016-01-06 01:20:49 ----D---- C:\WINDOWS\system32\Restore
2015-12-30 00:53:39 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-12-30 00:53:26 ----D---- C:\WINDOWS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-09-08 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 risdptsk;risdptsk; C:\WINDOWS\System32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2006-04-21 12963]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-21 8429]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2015-06-18 20240]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2015-06-18 52368]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2015-06-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 53904]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 47632]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\System32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\milosak\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2014-03-19 28312]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\system32\DRIVERS\wlluc48.sys [2004-08-03 154624]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 AppMgmtNtmsSvc;Správa aplikací AppMgmtNtmsSvc; đ%€|x srv []
S2 aspnet_stateTapiSrv;ASP.NET State Service aspnet_stateTapiSrv; đ%€|x srv []
S2 cisvcThemes;Indexing Service cisvcThemes; đ%€|x srv []
S2 cisvcThemesTapiSrv;Indexing Service cisvcThemes cisvcThemesTapiSrv; đ%€|x srv []
S2 cisvcThemesVSS;Indexing Service cisvcThemes cisvcThemesVSS; đ%€|x srv []
S2 Dnscachewinmgmt;Klient DNS Dnscachewinmgmt; đ%€|x srv []
S2 EventSystemRDSessMgr;Systém událostí modelu COM+ EventSystemRDSessMgr; đ%€|x srv []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MDM HotKey Poller;Machine Debug Manager MDM HotKey Poller; đ%€|x srv []
S2 MDMBrowser;Machine Debug Manager MDMBrowser; đ%€|x srv []
S2 MDMdmserver;Machine Debug Manager MDM HotKey Poller MDMdmserver; đ%€|x srv []
S2 NtLmSspSpooler;Zprostředkovatel zabezpečení NT LM NtLmSspSpooler; đ%€|x srv []
S2 PolicyAgentVSS;Služby IPSEC PolicyAgentVSS; đ%€|x srv []
S2 stisvcMSIServer;Načítání obrázků (WIA) stisvcMSIServer; đ%€|x srv []
S2 ThemesNetlogon;Motivy ThemesNetlogon; đ%€|x srv []
S2 TlntSvrNtLmSsp;Telnet TlntSvrNtLmSsp; đ%€|x srv []
S2 upnphostlanmanserver;Hostitel zařízení UPnP upnphostlanmanserver; đ%€|x srv []
S2 WmiApSrvTrkWks;Adaptér výkonu služby WMI WmiApSrvTrkWks; đ%€|x srv []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FileZilla Server;FileZilla Server FTP server; c:\xampp\FileZillaFTP\FileZillaServer.exe [2011-06-07 630272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-25 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 292808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-27 146888]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files\Google\GoogleToolbarNotifier
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: SoftonicDownloader
Nový log
Logfile of random's system information tool 1.10 (written by random/random)
Run by milosak at 2016-01-29 22:16:41
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (10%) free of 95 GB
Total RAM: 1023 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:08, on 29.1.2016
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\1Password 4\Agile1pAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Cobian Backup 11\Cobian.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\SlimStar 250\MagicKey.exe
C:\Program Files\SlimStar 250\OSD.EXE
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\totalcmd\TOTALCMD.EXE
c:\Documents and Settings\milosak\Dokumenty\webmaster\ZKUŠEBNÍ\RSIT.exe
C:\Program Files\trend micro\milosak.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?hl=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 88.86.104.16 www.littleschool.cz
O2 - BHO: 1Password - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S91.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Agile1pAgent] C:\Program Files\1Password 4\Agile1pAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - texty.ahk.lnk = C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
O4 - Global Startup: SlimStar 250.lnk = C:\Program Files\SlimStar 250\MagicKey.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra 'Tools' menuitem: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Správa aplikací AppMgmtNtmsSvc (AppMgmtNtmsSvc) - Unknown owner - C:\WINDOWS\
O23 - Service: ASP.NET State Service aspnet_stateTapiSrv (aspnet_stateTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Indexing Service cisvcThemes (cisvcThemes) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesTapiSrv (cisvcThemesTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesVSS (cisvcThemesVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: Klient DNS Dnscachewinmgmt (Dnscachewinmgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Systém událostí modelu COM+ EventSystemRDSessMgr (EventSystemRDSessMgr) - Unknown owner - C:\WINDOWS\
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Machine Debug Manager MDM HotKey Poller (MDM HotKey Poller) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDMBrowser (MDMBrowser) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDM HotKey Poller MDMdmserver (MDMdmserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Zprostředkovatel zabezpečení NT LM NtLmSspSpooler (NtLmSspSpooler) - Unknown owner - C:\WINDOWS\
O23 - Service: Služby IPSEC PolicyAgentVSS (PolicyAgentVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Načítání obrázků (WIA) stisvcMSIServer (stisvcMSIServer) - Unknown owner - C:\WINDOWS\
O23 - Service: Motivy ThemesNetlogon (ThemesNetlogon) - Unknown owner - C:\WINDOWS\
O23 - Service: Telnet TlntSvrNtLmSsp (TlntSvrNtLmSsp) - Unknown owner - C:\WINDOWS\
O23 - Service: Hostitel zařízení UPnP upnphostlanmanserver (upnphostlanmanserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Adaptér výkonu služby WMI WmiApSrvTrkWks (WmiApSrvTrkWks) - Unknown owner - C:\WINDOWS\
--
End of file - 10530 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\extensions\
cs@dictionaries.addons.mozilla.org
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\searchplugins\
firmycz.xml
google-images.xml
googlemaps.xml
googletranslate.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL [2015-12-30 2200848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-05 626528]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-07-28 110592]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-06 86016]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2011-09-01 339968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 2312824]
"Agile1pAgent"=C:\Program Files\1Password 4\Agile1pAgent.exe [2015-12-30 4879120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe /autostart []
"Cobian Backup 11"=C:\Program Files\Cobian Backup 11\Cobian.exe [2013-03-07 720896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\milosak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2006-02-02 1753088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^e-Backup 1.42 Scheduler.lnk]
C:\WINDOWS\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe /S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^milosak^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [2010-06-07 1195520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SlimStar 250.lnk - C:\Program Files\SlimStar 250\MagicKey.exe
C:\Documents and Settings\milosak\Nabídka Start\Programy\Po spuštění
Zástupce - texty.ahk.lnk - C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe:*:Disabled:ASUS Download Master Utility"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.tscc"=tsccvid.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv
"aux"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"wave2"=serwvdrv.dll
"VIDC.CSCD"=camcodec.dll
"vidc.XVID"=xvidvfw.dll
======List of files/folders created in the last 1 month======
2016-01-29 21:47:18 ----D---- C:\_OTM
2016-01-29 19:15:52 ----D---- C:\AdwCleaner
2016-01-26 23:59:09 ----D---- C:\Program Files\Mozilla Firefox
2016-01-12 11:17:40 ----A---- C:\WINDOWS\system32\ChilkatZip2.dll
2016-01-12 11:17:39 ----A---- C:\WINDOWS\system32\ChilkatCrypt2.dll
2016-01-12 11:17:16 ----D---- C:\Program Files\1Password 4
2016-01-08 23:04:22 ----SHD---- C:\Config.Msi
======List of files/folders modified in the last 1 month======
2016-01-29 22:16:48 ----D---- C:\Program Files\trend micro
2016-01-29 22:16:10 ----A---- C:\WINDOWS\WINCMD.INI
2016-01-29 22:14:02 ----D---- C:\WINDOWS\temp
2016-01-29 22:08:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-29 21:59:23 ----D---- C:\WINDOWS\system32
2016-01-29 21:59:23 ----D---- C:\WINDOWS
2016-01-29 21:47:25 ----SD---- C:\WINDOWS\Tasks
2016-01-29 21:47:25 ----D---- C:\Program Files\Google
2016-01-29 21:14:49 ----D---- C:\WINDOWS\Prefetch
2016-01-29 10:43:11 ----A---- C:\WINDOWS\wcx_ftp.ini
2016-01-29 10:28:56 ----D---- C:\Program Files
2016-01-29 09:55:13 ----AC---- C:\WINDOWS\NeroDigital.ini
2016-01-27 16:26:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-27 00:41:19 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-18 01:42:21 ----D---- C:\Program Files\Dropbox
2016-01-18 01:42:17 ----SHD---- C:\WINDOWS\Installer
2016-01-12 11:17:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-01-08 23:05:31 ----D---- C:\Program Files\KeyWallet
2016-01-08 23:04:22 ----D---- C:\Program Files\Common Files
2016-01-06 01:20:49 ----D---- C:\WINDOWS\system32\Restore
2015-12-30 00:53:39 ----D---- C:\WINDOWS\system32\drivers\UMDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-09-08 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 risdptsk;risdptsk; C:\WINDOWS\System32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2006-04-21 12963]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-21 8429]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2015-06-18 20240]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2015-06-18 52368]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2015-06-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 53904]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 47632]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\System32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\milosak\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2014-03-19 28312]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\system32\DRIVERS\wlluc48.sys [2004-08-03 154624]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 AppMgmtNtmsSvc;Správa aplikací AppMgmtNtmsSvc; đ%€|x srv []
S2 aspnet_stateTapiSrv;ASP.NET State Service aspnet_stateTapiSrv; đ%€|x srv []
S2 cisvcThemes;Indexing Service cisvcThemes; đ%€|x srv []
S2 cisvcThemesTapiSrv;Indexing Service cisvcThemes cisvcThemesTapiSrv; đ%€|x srv []
S2 cisvcThemesVSS;Indexing Service cisvcThemes cisvcThemesVSS; đ%€|x srv []
S2 Dnscachewinmgmt;Klient DNS Dnscachewinmgmt; đ%€|x srv []
S2 EventSystemRDSessMgr;Systém událostí modelu COM+ EventSystemRDSessMgr; đ%€|x srv []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MDM HotKey Poller;Machine Debug Manager MDM HotKey Poller; đ%€|x srv []
S2 MDMBrowser;Machine Debug Manager MDMBrowser; đ%€|x srv []
S2 MDMdmserver;Machine Debug Manager MDM HotKey Poller MDMdmserver; đ%€|x srv []
S2 NtLmSspSpooler;Zprostředkovatel zabezpečení NT LM NtLmSspSpooler; đ%€|x srv []
S2 PolicyAgentVSS;Služby IPSEC PolicyAgentVSS; đ%€|x srv []
S2 stisvcMSIServer;Načítání obrázků (WIA) stisvcMSIServer; đ%€|x srv []
S2 ThemesNetlogon;Motivy ThemesNetlogon; đ%€|x srv []
S2 TlntSvrNtLmSsp;Telnet TlntSvrNtLmSsp; đ%€|x srv []
S2 upnphostlanmanserver;Hostitel zařízení UPnP upnphostlanmanserver; đ%€|x srv []
S2 WmiApSrvTrkWks;Adaptér výkonu služby WMI WmiApSrvTrkWks; đ%€|x srv []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FileZilla Server;FileZilla Server FTP server; c:\xampp\FileZillaFTP\FileZillaServer.exe [2011-06-07 630272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-25 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 292808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-27 146888]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by milosak at 2016-01-29 22:16:41
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (10%) free of 95 GB
Total RAM: 1023 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:08, on 29.1.2016
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\1Password 4\Agile1pAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Cobian Backup 11\Cobian.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\SlimStar 250\MagicKey.exe
C:\Program Files\SlimStar 250\OSD.EXE
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\mysql\bin\mysqld.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\totalcmd\TOTALCMD.EXE
c:\Documents and Settings\milosak\Dokumenty\webmaster\ZKUŠEBNÍ\RSIT.exe
C:\Program Files\trend micro\milosak.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/advanced_search?hl=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 88.86.104.16 www.littleschool.cz
O2 - BHO: 1Password - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S91.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Agile1pAgent] C:\Program Files\1Password 4\Agile1pAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files\Cobian Backup 11\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - texty.ahk.lnk = C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
O4 - Global Startup: SlimStar 250.lnk = C:\Program Files\SlimStar 250\MagicKey.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra 'Tools' menuitem: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Správa aplikací AppMgmtNtmsSvc (AppMgmtNtmsSvc) - Unknown owner - C:\WINDOWS\
O23 - Service: ASP.NET State Service aspnet_stateTapiSrv (aspnet_stateTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Indexing Service cisvcThemes (cisvcThemes) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesTapiSrv (cisvcThemesTapiSrv) - Unknown owner - C:\WINDOWS\
O23 - Service: Indexing Service cisvcThemes cisvcThemesVSS (cisvcThemesVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: Klient DNS Dnscachewinmgmt (Dnscachewinmgmt) - Unknown owner - C:\WINDOWS\
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Systém událostí modelu COM+ EventSystemRDSessMgr (EventSystemRDSessMgr) - Unknown owner - C:\WINDOWS\
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Machine Debug Manager MDM HotKey Poller (MDM HotKey Poller) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDMBrowser (MDMBrowser) - Unknown owner - C:\WINDOWS\
O23 - Service: Machine Debug Manager MDM HotKey Poller MDMdmserver (MDMdmserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Zprostředkovatel zabezpečení NT LM NtLmSspSpooler (NtLmSspSpooler) - Unknown owner - C:\WINDOWS\
O23 - Service: Služby IPSEC PolicyAgentVSS (PolicyAgentVSS) - Unknown owner - C:\WINDOWS\
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Načítání obrázků (WIA) stisvcMSIServer (stisvcMSIServer) - Unknown owner - C:\WINDOWS\
O23 - Service: Motivy ThemesNetlogon (ThemesNetlogon) - Unknown owner - C:\WINDOWS\
O23 - Service: Telnet TlntSvrNtLmSsp (TlntSvrNtLmSsp) - Unknown owner - C:\WINDOWS\
O23 - Service: Hostitel zařízení UPnP upnphostlanmanserver (upnphostlanmanserver) - Unknown owner - C:\WINDOWS\
O23 - Service: Adaptér výkonu služby WMI WmiApSrvTrkWks (WmiApSrvTrkWks) - Unknown owner - C:\WINDOWS\
--
End of file - 10530 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\extensions\
cs@dictionaries.addons.mozilla.org
C:\Documents and Settings\milosak\Data aplikací\Mozilla\Firefox\Profiles\qtxjjgg7.default-1406486667125\searchplugins\
firmycz.xml
google-images.xml
googlemaps.xml
googletranslate.xml
youtube.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}]
1Password - C:\PROGRA~1\1PASSW~1\x86\AGILE1~1.DLL [2015-12-30 2200848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-05 626528]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-07-28 110592]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-06 86016]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WD Button Manager"=C:\WINDOWS\system32\WDBtnMgr.exe [2011-09-01 339968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 2312824]
"Agile1pAgent"=C:\Program Files\1Password 4\Agile1pAgent.exe [2015-12-30 4879120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe /autostart []
"Cobian Backup 11"=C:\Program Files\Cobian Backup 11\Cobian.exe [2013-03-07 720896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\milosak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2006-02-02 1753088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^e-Backup 1.42 Scheduler.lnk]
C:\WINDOWS\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe /S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^milosak^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.OR~\program\QUICKS~1.EXE [2010-06-07 1195520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SlimStar 250.lnk - C:\Program Files\SlimStar 250\MagicKey.exe
C:\Documents and Settings\milosak\Nabídka Start\Programy\Po spuštění
Zástupce - texty.ahk.lnk - C:\Documents and Settings\milosak\Plocha\texty.ahk.ahk
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-11-02 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application"
"C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe"="C:\Program Files\ASUS\WL-500gP Wireless Router Utilities\Download.exe:*:Disabled:ASUS Download Master Utility"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.tscc"=tsccvid.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv
"aux"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"wave2"=serwvdrv.dll
"VIDC.CSCD"=camcodec.dll
"vidc.XVID"=xvidvfw.dll
======List of files/folders created in the last 1 month======
2016-01-29 21:47:18 ----D---- C:\_OTM
2016-01-29 19:15:52 ----D---- C:\AdwCleaner
2016-01-26 23:59:09 ----D---- C:\Program Files\Mozilla Firefox
2016-01-12 11:17:40 ----A---- C:\WINDOWS\system32\ChilkatZip2.dll
2016-01-12 11:17:39 ----A---- C:\WINDOWS\system32\ChilkatCrypt2.dll
2016-01-12 11:17:16 ----D---- C:\Program Files\1Password 4
2016-01-08 23:04:22 ----SHD---- C:\Config.Msi
======List of files/folders modified in the last 1 month======
2016-01-29 22:16:48 ----D---- C:\Program Files\trend micro
2016-01-29 22:16:10 ----A---- C:\WINDOWS\WINCMD.INI
2016-01-29 22:14:02 ----D---- C:\WINDOWS\temp
2016-01-29 22:08:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-01-29 21:59:23 ----D---- C:\WINDOWS\system32
2016-01-29 21:59:23 ----D---- C:\WINDOWS
2016-01-29 21:47:25 ----SD---- C:\WINDOWS\Tasks
2016-01-29 21:47:25 ----D---- C:\Program Files\Google
2016-01-29 21:14:49 ----D---- C:\WINDOWS\Prefetch
2016-01-29 10:43:11 ----A---- C:\WINDOWS\wcx_ftp.ini
2016-01-29 10:28:56 ----D---- C:\Program Files
2016-01-29 09:55:13 ----AC---- C:\WINDOWS\NeroDigital.ini
2016-01-27 16:26:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-01-27 00:41:19 ----D---- C:\WINDOWS\system32\CatRoot2
2016-01-18 01:42:21 ----D---- C:\Program Files\Dropbox
2016-01-18 01:42:17 ----SHD---- C:\WINDOWS\Installer
2016-01-12 11:17:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2016-01-08 23:05:31 ----D---- C:\Program Files\KeyWallet
2016-01-08 23:04:22 ----D---- C:\Program Files\Common Files
2016-01-06 01:20:49 ----D---- C:\WINDOWS\system32\Restore
2015-12-30 00:53:39 ----D---- C:\WINDOWS\system32\drivers\UMDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-09-08 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 risdptsk;risdptsk; C:\WINDOWS\System32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2006-04-21 12963]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-21 8429]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2015-06-18 20240]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-11-02 2644480]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-06-12 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-06-12 63376]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [2015-06-18 52368]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [2015-06-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 53904]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 47632]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-06-12 79376]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\System32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\milosak\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2014-03-19 28312]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\system32\DRIVERS\wlluc48.sys [2004-08-03 154624]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-02 495616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 AppMgmtNtmsSvc;Správa aplikací AppMgmtNtmsSvc; đ%€|x srv []
S2 aspnet_stateTapiSrv;ASP.NET State Service aspnet_stateTapiSrv; đ%€|x srv []
S2 cisvcThemes;Indexing Service cisvcThemes; đ%€|x srv []
S2 cisvcThemesTapiSrv;Indexing Service cisvcThemes cisvcThemesTapiSrv; đ%€|x srv []
S2 cisvcThemesVSS;Indexing Service cisvcThemes cisvcThemesVSS; đ%€|x srv []
S2 Dnscachewinmgmt;Klient DNS Dnscachewinmgmt; đ%€|x srv []
S2 EventSystemRDSessMgr;Systém událostí modelu COM+ EventSystemRDSessMgr; đ%€|x srv []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MDM HotKey Poller;Machine Debug Manager MDM HotKey Poller; đ%€|x srv []
S2 MDMBrowser;Machine Debug Manager MDMBrowser; đ%€|x srv []
S2 MDMdmserver;Machine Debug Manager MDM HotKey Poller MDMdmserver; đ%€|x srv []
S2 NtLmSspSpooler;Zprostředkovatel zabezpečení NT LM NtLmSspSpooler; đ%€|x srv []
S2 PolicyAgentVSS;Služby IPSEC PolicyAgentVSS; đ%€|x srv []
S2 stisvcMSIServer;Načítání obrázků (WIA) stisvcMSIServer; đ%€|x srv []
S2 ThemesNetlogon;Motivy ThemesNetlogon; đ%€|x srv []
S2 TlntSvrNtLmSsp;Telnet TlntSvrNtLmSsp; đ%€|x srv []
S2 upnphostlanmanserver;Hostitel zařízení UPnP upnphostlanmanserver; đ%€|x srv []
S2 WmiApSrvTrkWks;Adaptér výkonu služby WMI WmiApSrvTrkWks; đ%€|x srv []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FileZilla Server;FileZilla Server FTP server; c:\xampp\FileZillaFTP\FileZillaServer.exe [2011-06-07 630272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-25 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 292808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-27 146888]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
Dvouklikem na soubor C:\Program Files\trend micro\milosak.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: SoftonicDownloader
Mám to. Je to vše? Pokud ano o co šlo? A moc díky za Váš čas.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
Pokud je již Softonic pryč, je to vše. Šlo o toto: https://odstranitvirus.cz/softonic/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: SoftonicDownloader
Je to o.k. Ještě jednou díky za pomoc.
Rád bych se ještě zeptal na jednu věc. Před pár dny došlo k napadení několika mých webů přes FTP. Lze se nějakým způsobem dopátrat zda k tomu byl použit můj počítač? Na hostingu sice mají kromě mojí IP i cizí IP, ale nelze určit z jaké IP k útoku došlo.
Používám Total Commander. Heslo v něm ani v pc uložená nemám.
Předem každému díky za každou informaci.
Rád bych se ještě zeptal na jednu věc. Před pár dny došlo k napadení několika mých webů přes FTP. Lze se nějakým způsobem dopátrat zda k tomu byl použit můj počítač? Na hostingu sice mají kromě mojí IP i cizí IP, ale nelze určit z jaké IP k útoku došlo.
Používám Total Commander. Heslo v něm ani v pc uložená nemám.
Předem každému díky za každou informaci.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
To těžko poznáme. V každém případě ale muselo být prolomeno heslo. Hesla bych v každém případě změnil, i když nejsou v PC uložena,
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: SoftonicDownloader
Díky za reakci. Hesla jsem hned měnil.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: SoftonicDownloader
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?