Prosim o kontrola logu - zasekavajici se pocitac
Napsal: 12 črc 2012 18:55
Dobry den, rad bych opet poprosil o kontrolu logu. Pocitac se mi totiz obcas na chvili zasekava (pri prehravani videa, ci startu nejake aplikace). Mam podezreni, ze mi pomalu zacina odchazet procesor. Takze bych mel rad jistotu, pac tise doufam, ze se treba pletu a je to jen softwarem:))
Dekuju Pupupaj
Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by pupupaj at 2012-07-12 18:53:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 3951 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:28, on 12.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\trend micro\pupupaj.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VisualSVN Server (VisualSVNServer) - Apache Software Foundation - C:\Program Files (x86)\VisualSVN Server\bin\VisualSVNServer.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8828 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
taskeng.exe {FDFFEDF3-0387-49EF-98F0-C34F79808630}
"D:\Download\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\pupupaj\AppData\Roaming\Mozilla\Firefox\Profiles\tsr0h9yx.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-11 347424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-11 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-09-08 489472]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-03 17417392]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-10 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-07-11 21:57:55 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 21:50:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 21:50:42 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-11 21:50:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 21:50:41 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-11 21:50:41 ----A---- C:\Windows\system32\urlmon.dll
2012-07-11 21:50:41 ----A---- C:\Windows\system32\url.dll
2012-07-11 21:50:41 ----A---- C:\Windows\system32\iertutil.dll
2012-07-11 21:50:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 21:50:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 21:50:40 ----A---- C:\Windows\system32\ieui.dll
2012-07-11 21:50:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 21:50:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 21:50:39 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-11 21:50:38 ----A---- C:\Windows\system32\wininet.dll
2012-07-11 21:50:38 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-11 21:50:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 21:50:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 21:50:37 ----A---- C:\Windows\system32\jscript9.dll
2012-07-11 21:50:37 ----A---- C:\Windows\system32\jscript.dll
2012-07-11 21:50:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 21:50:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 21:50:34 ----A---- C:\Windows\system32\mshtml.dll
2012-07-11 21:50:33 ----A---- C:\Windows\system32\ieframe.dll
2012-07-11 21:50:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 11:54:21 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 11:54:20 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-11 11:54:20 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 11:54:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-07-11 11:54:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-11 11:54:19 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 11:54:18 ----A---- C:\Windows\system32\shell32.dll
2012-07-11 11:54:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-11 11:54:13 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 11:54:13 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 11:54:12 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-11 11:54:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-11 11:54:12 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 11:54:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 11:54:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 11:54:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-07-11 11:54:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-11 11:54:09 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-07-11 11:54:07 ----A---- C:\Windows\system32\cdosys.dll
2012-07-06 10:14:56 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-07-06 10:14:56 ----A---- C:\Windows\system32\qdvd.dll
2012-07-05 12:13:45 ----D---- C:\Program Files (x86)\Oracle
2012-07-05 12:13:24 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-07-05 12:13:24 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-23 10:43:46 ----A---- C:\Windows\system32\wups2.dll
2012-06-23 10:43:46 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-23 10:43:45 ----A---- C:\Windows\system32\wucltux.dll
2012-06-23 10:43:45 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-23 10:43:39 ----A---- C:\Windows\system32\wups.dll
2012-06-23 10:43:39 ----A---- C:\Windows\system32\wudriver.dll
2012-06-23 10:43:39 ----A---- C:\Windows\system32\wuapi.dll
2012-06-23 10:43:25 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-23 10:43:25 ----A---- C:\Windows\system32\wuapp.exe
2012-06-20 09:42:44 ----A---- C:\Windows\system32\drivers\athrx.sys
2012-06-18 19:40:01 ----D---- C:\ProgramData\Mozilla
2012-06-18 19:40:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-18 18:54:41 ----SHD---- C:\$RECYCLE.BIN
2012-06-17 21:25:21 ----D---- C:\Windows\temp
2012-06-17 21:24:34 ----A---- C:\ComboFix.txt
2012-06-17 21:11:28 ----D---- C:\ComboFix
2012-06-17 21:03:03 ----D---- C:\Program Files (x86)\FinalWire
2012-06-16 18:10:56 ----D---- C:\ProgramData\Battle.net
2012-06-13 18:07:01 ----D---- C:\Program Files\iPod
2012-06-13 18:07:00 ----D---- C:\Program Files\iTunes
2012-06-13 18:07:00 ----D---- C:\Program Files (x86)\iTunes
2012-06-13 18:01:12 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-13 18:01:11 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-13 18:01:11 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-13 18:01:08 ----A---- C:\Windows\system32\profsvc.dll
2012-06-13 18:01:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-13 18:01:06 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-13 18:01:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-13 18:00:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-13 18:00:57 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-13 18:00:57 ----A---- C:\Windows\system32\msi.dll
2012-06-13 18:00:51 ----A---- C:\Windows\system32\crypt32.dll
2012-06-13 18:00:50 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-13 18:00:50 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-13 18:00:50 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-13 18:00:50 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-13 18:00:50 ----A---- C:\Windows\system32\cryptnet.dll
======List of files/folders modified in the last 1 month======
2012-07-12 18:53:28 ----D---- C:\Windows\Prefetch
2012-07-12 18:53:26 ----D---- C:\Program Files\trend micro
2012-07-12 18:45:31 ----D---- C:\Users\pupupaj\AppData\Roaming\Skype
2012-07-12 18:20:43 ----SHD---- C:\Windows\Installer
2012-07-12 18:09:36 ----D---- C:\Windows\SysWOW64
2012-07-12 18:09:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 18:08:09 ----D---- C:\Windows\Minidump
2012-07-12 18:08:03 ----D---- C:\Windows
2012-07-12 10:39:16 ----D---- C:\Windows\system32\config
2012-07-12 10:18:34 ----D---- C:\Windows\winsxs
2012-07-11 22:38:47 ----D---- C:\Windows\System32
2012-07-11 22:38:46 ----D---- C:\Windows\SYSWOW64\migration
2012-07-11 22:38:46 ----D---- C:\Windows\system32\migration
2012-07-11 22:38:46 ----D---- C:\Windows\system32\drivers
2012-07-11 22:38:46 ----D---- C:\Program Files\Internet Explorer
2012-07-11 22:38:46 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-11 22:37:27 ----SHD---- C:\System Volume Information
2012-07-11 21:58:06 ----D---- C:\Windows\system32\catroot
2012-07-11 21:56:34 ----D---- C:\ProgramData\Microsoft Help
2012-07-11 21:51:44 ----A---- C:\Windows\system32\MRT.exe
2012-07-11 21:50:54 ----D---- C:\Windows\system32\catroot2
2012-07-10 09:03:01 ----D---- C:\Windows\inf
2012-07-10 09:03:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-09 19:52:55 ----D---- C:\ProgramData\Skype
2012-07-09 11:03:55 ----SD---- C:\Users\pupupaj\AppData\Roaming\Microsoft
2012-07-06 10:17:18 ----D---- C:\Windows\system32\DriverStore
2012-07-06 10:17:07 ----RSD---- C:\Windows\assembly
2012-07-06 10:16:50 ----A---- C:\Windows\win.ini
2012-07-05 14:02:28 ----D---- C:\Windows\system32\Tasks
2012-07-05 14:02:24 ----D---- C:\Program Files\CCleaner
2012-07-05 13:50:32 ----D---- C:\Windows\ShellNew
2012-07-05 12:18:05 ----D---- C:\Program Files (x86)\Common Files
2012-07-05 12:13:45 ----RD---- C:\Program Files (x86)
2012-07-05 12:13:09 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-07-05 12:13:09 ----A---- C:\Windows\SYSWOW64\java.exe
2012-07-05 12:13:07 ----D---- C:\Program Files (x86)\Java
2012-06-24 14:55:21 ----D---- C:\Windows\rescache
2012-06-23 20:14:35 ----D---- C:\Users\pupupaj\AppData\Roaming\Apple Computer
2012-06-23 19:20:19 ----D---- C:\Windows\system32\cs-CZ
2012-06-18 19:40:03 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-18 19:40:01 ----D---- C:\ProgramData
2012-06-18 18:54:06 ----D---- C:\Windows\system32\drivers\etc
2012-06-17 21:25:22 ----D---- C:\Qoobox
2012-06-17 21:20:51 ----A---- C:\Windows\system.ini
2012-06-17 21:17:59 ----D---- C:\Windows\Tasks
2012-06-17 21:16:15 ----D---- C:\Windows\SYSWOW64\drivers
2012-06-17 21:16:15 ----D---- C:\Windows\AppPatch
2012-06-17 21:16:13 ----D---- C:\Program Files\Common Files
2012-06-16 20:18:52 ----D---- C:\Program Files (x86)\VP Suite 5.2
2012-06-16 10:14:19 ----D---- C:\Windows\ERDNT
2012-06-13 22:53:39 ----D---- C:\Windows\Microsoft.NET
2012-06-13 19:07:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-13 18:07:01 ----RD---- C:\Program Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2011-10-13 31344]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-05 264192]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 ALSysIO;ALSysIO; \??\C:\Users\pupupaj\AppData\Local\Temp\ALSysIO64.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-04-22 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 XICTAMDM;CELOT-W USB MODEM Driver; C:\Windows\system32\DRIVERS\XICTAMDM.sys [2010-07-17 185176]
S3 XICTANmea;CELOT-W NMEA Device Driver(WDM); C:\Windows\system32\DRIVERS\XICTANmea.sys [2010-07-17 185176]
S3 XICTAVSP;CELOT-W DM Interface Driver(WDM); C:\Windows\system32\DRIVERS\XICTAVSP.sys [2010-07-17 185176]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-02-25 69632]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S3 VisualSVNServer;VisualSVN Server; C:\Program Files (x86)\VisualSVN Server\bin\VisualSVNServer.exe [2011-10-24 24424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-29 1255736]
-----------------EOF-----------------
Dekuju Pupupaj
Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by pupupaj at 2012-07-12 18:53:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 3951 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:28, on 12.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\trend micro\pupupaj.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VisualSVN Server (VisualSVNServer) - Apache Software Foundation - C:\Program Files (x86)\VisualSVN Server\bin\VisualSVNServer.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8828 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\alg.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
taskeng.exe {FDFFEDF3-0387-49EF-98F0-C34F79808630}
"D:\Download\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\pupupaj\AppData\Roaming\Mozilla\Firefox\Profiles\tsr0h9yx.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-11 347424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-11 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-09-08 489472]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-03 17417392]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-10 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-07-11 21:57:55 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 21:50:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-11 21:50:42 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-11 21:50:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-11 21:50:41 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-11 21:50:41 ----A---- C:\Windows\system32\urlmon.dll
2012-07-11 21:50:41 ----A---- C:\Windows\system32\url.dll
2012-07-11 21:50:41 ----A---- C:\Windows\system32\iertutil.dll
2012-07-11 21:50:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-11 21:50:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-11 21:50:40 ----A---- C:\Windows\system32\ieui.dll
2012-07-11 21:50:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-11 21:50:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-11 21:50:39 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-11 21:50:38 ----A---- C:\Windows\system32\wininet.dll
2012-07-11 21:50:38 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-11 21:50:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-11 21:50:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-11 21:50:37 ----A---- C:\Windows\system32\jscript9.dll
2012-07-11 21:50:37 ----A---- C:\Windows\system32\jscript.dll
2012-07-11 21:50:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-11 21:50:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-11 21:50:34 ----A---- C:\Windows\system32\mshtml.dll
2012-07-11 21:50:33 ----A---- C:\Windows\system32\ieframe.dll
2012-07-11 21:50:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 11:54:21 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 11:54:20 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-11 11:54:20 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 11:54:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-07-11 11:54:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-11 11:54:19 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 11:54:18 ----A---- C:\Windows\system32\shell32.dll
2012-07-11 11:54:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-11 11:54:13 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 11:54:13 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 11:54:12 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-11 11:54:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-11 11:54:12 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 11:54:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 11:54:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 11:54:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-07-11 11:54:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-11 11:54:09 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-07-11 11:54:07 ----A---- C:\Windows\system32\cdosys.dll
2012-07-06 10:14:56 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-07-06 10:14:56 ----A---- C:\Windows\system32\qdvd.dll
2012-07-05 12:13:45 ----D---- C:\Program Files (x86)\Oracle
2012-07-05 12:13:24 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-07-05 12:13:24 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-06-23 10:43:46 ----A---- C:\Windows\system32\wups2.dll
2012-06-23 10:43:46 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-23 10:43:45 ----A---- C:\Windows\system32\wucltux.dll
2012-06-23 10:43:45 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-23 10:43:39 ----A---- C:\Windows\system32\wups.dll
2012-06-23 10:43:39 ----A---- C:\Windows\system32\wudriver.dll
2012-06-23 10:43:39 ----A---- C:\Windows\system32\wuapi.dll
2012-06-23 10:43:25 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-23 10:43:25 ----A---- C:\Windows\system32\wuapp.exe
2012-06-20 09:42:44 ----A---- C:\Windows\system32\drivers\athrx.sys
2012-06-18 19:40:01 ----D---- C:\ProgramData\Mozilla
2012-06-18 19:40:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-18 18:54:41 ----SHD---- C:\$RECYCLE.BIN
2012-06-17 21:25:21 ----D---- C:\Windows\temp
2012-06-17 21:24:34 ----A---- C:\ComboFix.txt
2012-06-17 21:11:28 ----D---- C:\ComboFix
2012-06-17 21:03:03 ----D---- C:\Program Files (x86)\FinalWire
2012-06-16 18:10:56 ----D---- C:\ProgramData\Battle.net
2012-06-13 18:07:01 ----D---- C:\Program Files\iPod
2012-06-13 18:07:00 ----D---- C:\Program Files\iTunes
2012-06-13 18:07:00 ----D---- C:\Program Files (x86)\iTunes
2012-06-13 18:01:12 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-13 18:01:11 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-13 18:01:11 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-13 18:01:08 ----A---- C:\Windows\system32\profsvc.dll
2012-06-13 18:01:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-13 18:01:06 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-13 18:01:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-13 18:00:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-13 18:00:57 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-13 18:00:57 ----A---- C:\Windows\system32\msi.dll
2012-06-13 18:00:51 ----A---- C:\Windows\system32\crypt32.dll
2012-06-13 18:00:50 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-13 18:00:50 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-13 18:00:50 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-13 18:00:50 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-13 18:00:50 ----A---- C:\Windows\system32\cryptnet.dll
======List of files/folders modified in the last 1 month======
2012-07-12 18:53:28 ----D---- C:\Windows\Prefetch
2012-07-12 18:53:26 ----D---- C:\Program Files\trend micro
2012-07-12 18:45:31 ----D---- C:\Users\pupupaj\AppData\Roaming\Skype
2012-07-12 18:20:43 ----SHD---- C:\Windows\Installer
2012-07-12 18:09:36 ----D---- C:\Windows\SysWOW64
2012-07-12 18:09:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-12 18:08:09 ----D---- C:\Windows\Minidump
2012-07-12 18:08:03 ----D---- C:\Windows
2012-07-12 10:39:16 ----D---- C:\Windows\system32\config
2012-07-12 10:18:34 ----D---- C:\Windows\winsxs
2012-07-11 22:38:47 ----D---- C:\Windows\System32
2012-07-11 22:38:46 ----D---- C:\Windows\SYSWOW64\migration
2012-07-11 22:38:46 ----D---- C:\Windows\system32\migration
2012-07-11 22:38:46 ----D---- C:\Windows\system32\drivers
2012-07-11 22:38:46 ----D---- C:\Program Files\Internet Explorer
2012-07-11 22:38:46 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-11 22:37:27 ----SHD---- C:\System Volume Information
2012-07-11 21:58:06 ----D---- C:\Windows\system32\catroot
2012-07-11 21:56:34 ----D---- C:\ProgramData\Microsoft Help
2012-07-11 21:51:44 ----A---- C:\Windows\system32\MRT.exe
2012-07-11 21:50:54 ----D---- C:\Windows\system32\catroot2
2012-07-10 09:03:01 ----D---- C:\Windows\inf
2012-07-10 09:03:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-09 19:52:55 ----D---- C:\ProgramData\Skype
2012-07-09 11:03:55 ----SD---- C:\Users\pupupaj\AppData\Roaming\Microsoft
2012-07-06 10:17:18 ----D---- C:\Windows\system32\DriverStore
2012-07-06 10:17:07 ----RSD---- C:\Windows\assembly
2012-07-06 10:16:50 ----A---- C:\Windows\win.ini
2012-07-05 14:02:28 ----D---- C:\Windows\system32\Tasks
2012-07-05 14:02:24 ----D---- C:\Program Files\CCleaner
2012-07-05 13:50:32 ----D---- C:\Windows\ShellNew
2012-07-05 12:18:05 ----D---- C:\Program Files (x86)\Common Files
2012-07-05 12:13:45 ----RD---- C:\Program Files (x86)
2012-07-05 12:13:09 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-07-05 12:13:09 ----A---- C:\Windows\SYSWOW64\java.exe
2012-07-05 12:13:07 ----D---- C:\Program Files (x86)\Java
2012-06-24 14:55:21 ----D---- C:\Windows\rescache
2012-06-23 20:14:35 ----D---- C:\Users\pupupaj\AppData\Roaming\Apple Computer
2012-06-23 19:20:19 ----D---- C:\Windows\system32\cs-CZ
2012-06-18 19:40:03 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-18 19:40:01 ----D---- C:\ProgramData
2012-06-18 18:54:06 ----D---- C:\Windows\system32\drivers\etc
2012-06-17 21:25:22 ----D---- C:\Qoobox
2012-06-17 21:20:51 ----A---- C:\Windows\system.ini
2012-06-17 21:17:59 ----D---- C:\Windows\Tasks
2012-06-17 21:16:15 ----D---- C:\Windows\SYSWOW64\drivers
2012-06-17 21:16:15 ----D---- C:\Windows\AppPatch
2012-06-17 21:16:13 ----D---- C:\Program Files\Common Files
2012-06-16 20:18:52 ----D---- C:\Program Files (x86)\VP Suite 5.2
2012-06-16 10:14:19 ----D---- C:\Windows\ERDNT
2012-06-13 22:53:39 ----D---- C:\Windows\Microsoft.NET
2012-06-13 19:07:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-13 18:07:01 ----RD---- C:\Program Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2011-10-13 31344]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-05 264192]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 ALSysIO;ALSysIO; \??\C:\Users\pupupaj\AppData\Local\Temp\ALSysIO64.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-04-22 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 XICTAMDM;CELOT-W USB MODEM Driver; C:\Windows\system32\DRIVERS\XICTAMDM.sys [2010-07-17 185176]
S3 XICTANmea;CELOT-W NMEA Device Driver(WDM); C:\Windows\system32\DRIVERS\XICTANmea.sys [2010-07-17 185176]
S3 XICTAVSP;CELOT-W DM Interface Driver(WDM); C:\Windows\system32\DRIVERS\XICTAVSP.sys [2010-07-17 185176]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-02-25 69632]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S3 VisualSVNServer;VisualSVN Server; C:\Program Files (x86)\VisualSVN Server\bin\VisualSVNServer.exe [2011-10-24 24424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-29 1255736]
-----------------EOF-----------------
jako admin