Zde: Logfile of random's system information tool 1.09 (written by random/random)
Run by tomas at 2012-10-20 16:32:21
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 148 GB (62%) free of 238 GB
Total RAM: 3067 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:27, on 20.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\Program Files\trend micro\tomas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files (x86)\jZip\WebmailPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TiVme Agent] C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe srec
O4 - HKCU\..\Run: [HydraVisionMDEngine] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe"
O4 - HKCU\..\Run: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN23Q5442805PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series (Síť).lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C689184F-63B0-4B9E-8841-BF7D0C16B8C0}: NameServer = 172.16.0.100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\22639~1.201\{16cdf~1\brwmngr.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12138 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {72DBAE89-5976-45CD-A85A-17530D4A405A}
"taskhost.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\AESTSr64.exe
"C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe" srec
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
Grid64.exe -h:65866 -t:0 "Připojit k &mřížce" "O&dpojit od mřížky" "Úpravy mřížky…"
HydraMD64.exe -h:131416
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN23Q5442805PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN23Q5442805PJ;CONNECTION=NW;MONITOR=1;
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
taskeng.exe {8FB2C876-F56E-4D3B-B927-766567D9C766}
"C:\Users\tomas\Downloads\RSITx64.exe"
"C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3991514850-1806479997-932184697-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3991514850-1806479997-932184697-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HP Photo Creations Communicator.job
=========Mozilla firefox=========
ProfilePath - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\8oxx9jqp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "
http://seznam.cz"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "
http://www.google.com/search?btnI=I%27m ... e=UTF-8&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
search.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\8oxx9jqp.default\extensions\
jid0-Pm0nbsggUvL00CBoW6YwCaqv8bk@jetpack
trash
{bac96ae2-1515-4b15-906f-f13a9f682c83}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\8oxx9jqp.default\searchplugins\
bProtect.xml
firmycz.xml
ixquick-http.xml
ixquick-https.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-08-21 1501776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-09-22 253584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{647FD14A-C4F1-46F4-8FC3-0B40F54226F7}]
jZip Webmail plugin - C:\Program Files (x86)\jZip\WebmailPlugin.dll [2008-07-02 591296]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-08-28 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-08-21 1227224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-09-22 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-08-21 1501776]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-09-22 253584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-08-21 1227224]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-09-22 192144]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-03-16 462848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-09-11 39408]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe [2010-01-25 114688]
"HydraVisionMDEngine"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe [2012-05-08 569344]
"Grid"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [2012-05-08 405504]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-10-05 4764032]
"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2011-06-08 2676584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-08-21 4282728]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24 49208]
""= []
[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []
C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-10-20 16:32:21 ----D---- C:\rsit
2012-10-20 16:32:21 ----D---- C:\Program Files\trend micro
2012-10-20 16:22:46 ----A---- C:\AdwCleaner[S1].txt
2012-10-20 15:26:34 ----A---- C:\AdwCleaner[R2].txt
2012-10-20 15:19:58 ----A---- C:\AdwCleaner[R1].txt
2012-10-12 16:12:18 ----D---- C:\Users\tomas\AppData\Roaming\Visan
2012-10-12 16:12:07 ----D---- C:\ProgramData\Visan
2012-10-12 15:33:54 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-10-12 15:33:37 ----D---- C:\Program Files (x86)\Microsoft
2012-10-12 15:33:20 ----D---- C:\ProgramData\HP Photo Creations
2012-10-12 15:33:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2012-10-12 15:32:56 ----D---- C:\Users\tomas\AppData\Roaming\HpUpdate
2012-10-12 15:32:37 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2012-10-12 15:32:16 ----D---- C:\ProgramData\HP
2012-10-12 15:32:10 ----D---- C:\Program Files (x86)\HP
2012-10-12 15:31:41 ----D---- C:\Program Files\HP
2012-10-12 15:31:31 ----A---- C:\ProgramData\Ament.ini
2012-10-10 13:39:00 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-10 13:38:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-10 13:38:56 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-10 13:38:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-10 13:38:47 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-10 13:38:47 ----A---- C:\Windows\system32\kernel32.dll
2012-10-10 13:38:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-10 13:38:46 ----A---- C:\Windows\system32\winsrv.dll
2012-10-10 13:38:46 ----A---- C:\Windows\system32\conhost.exe
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 13:38:45 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 13:38:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-10 13:38:45 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-10 13:38:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-10 13:38:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-10 13:38:45 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-10 13:38:45 ----A---- C:\Windows\system32\wow64win.dll
2012-10-10 13:38:45 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-10 13:38:45 ----A---- C:\Windows\system32\wow64.dll
2012-10-10 13:38:45 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 13:38:44 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 13:38:43 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 13:38:43 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-10 13:38:33 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-10 13:38:33 ----A---- C:\Windows\system32\wintrust.dll
2012-10-10 13:38:25 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-10 13:38:25 ----A---- C:\Windows\system32\tzres.dll
2012-10-10 13:38:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-10 13:38:17 ----A---- C:\Windows\system32\kerberos.dll
2012-10-10 13:38:11 ----A---- C:\Windows\system32\crypt32.dll
2012-10-10 13:38:10 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-10 13:38:10 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-10 13:38:10 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-10 13:38:10 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-10 13:38:09 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-09 18:07:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-10-07 16:38:48 ----D---- C:\Users\tomas\AppData\Roaming\SUPERAntiSpyware.com
2012-10-07 16:38:24 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-10-07 16:38:24 ----D---- C:\Program Files\SUPERAntiSpyware
2012-09-26 16:10:05 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-22 19:43:56 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-22 19:43:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-22 19:43:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-22 19:43:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-22 19:43:53 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-22 19:43:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-22 19:43:53 ----A---- C:\Windows\system32\url.dll
2012-09-22 19:43:53 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-22 19:43:53 ----A---- C:\Windows\system32\ieui.dll
2012-09-22 19:43:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-22 19:43:52 ----A---- C:\Windows\system32\urlmon.dll
2012-09-22 19:43:51 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-22 19:43:51 ----A---- C:\Windows\system32\jscript9.dll
2012-09-22 19:43:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-22 19:43:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-22 19:43:50 ----A---- C:\Windows\system32\wininet.dll
2012-09-22 19:43:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-22 19:43:48 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-22 19:43:48 ----A---- C:\Windows\system32\vbscript.dll
2012-09-22 19:43:48 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-22 19:43:47 ----A---- C:\Windows\system32\jscript.dll
2012-09-22 19:43:47 ----A---- C:\Windows\system32\iertutil.dll
2012-09-22 19:43:46 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-22 19:43:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-22 19:43:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-22 19:43:43 ----A---- C:\Windows\system32\mshtml.dll
2012-09-22 19:43:41 ----A---- C:\Windows\system32\ieframe.dll
2012-09-22 19:43:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
======List of files/folders modified in the last 1 month======
2012-10-20 16:32:27 ----D---- C:\Windows\Prefetch
2012-10-20 16:32:24 ----D---- C:\Windows\Temp
2012-10-20 16:32:21 ----RD---- C:\Program Files
2012-10-20 16:29:04 ----D---- C:\Windows\System32
2012-10-20 16:29:04 ----D---- C:\Windows\inf
2012-10-20 16:29:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-20 16:27:36 ----D---- C:\Windows\system32\config
2012-10-20 16:24:34 ----D---- C:\Windows
2012-10-20 16:24:33 ----HD---- C:\ProgramData
2012-10-20 10:53:54 ----D---- C:\Windows\system32\Tasks
2012-10-19 16:29:52 ----D---- C:\Program Files\World of Warcraft
2012-10-19 15:44:30 ----D---- C:\Users\tomas\AppData\Roaming\uTorrent
2012-10-18 12:53:28 ----SHD---- C:\System Volume Information
2012-10-15 15:06:25 ----SHD---- C:\Windows\Installer
2012-10-14 14:14:52 ----D---- C:\Users\tomas\AppData\Roaming\Skype
2012-10-14 10:41:10 ----RD---- C:\Program Files (x86)
2012-10-14 10:40:09 ----SD---- C:\ProgramData\Microsoft
2012-10-14 10:37:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-13 09:59:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-12 16:12:10 ----D---- C:\Windows\Tasks
2012-10-12 15:37:40 ----D---- C:\Windows\system32\drivers
2012-10-12 15:32:35 ----D---- C:\Windows\system32\catroot
2012-10-12 15:32:34 ----D---- C:\Windows\system32\DriverStore
2012-10-12 15:32:10 ----D---- C:\Windows\twain_32
2012-10-11 14:01:39 ----D---- C:\Windows\rescache
2012-10-11 10:58:19 ----D---- C:\Windows\winsxs
2012-10-11 10:56:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-10-11 10:56:39 ----D---- C:\Windows\SysWOW64
2012-10-11 10:56:38 ----D---- C:\Windows\system32\cs-CZ
2012-10-11 10:56:38 ----D---- C:\Windows\AppPatch
2012-10-10 19:27:51 ----D---- C:\Windows\debug
2012-10-10 19:27:48 ----A---- C:\Windows\system32\MRT.exe
2012-10-10 19:27:40 ----D---- C:\ProgramData\Microsoft Help
2012-10-10 19:26:31 ----D---- C:\Program Files (x86)\Microsoft Works
2012-10-10 18:44:12 ----D---- C:\Users\tomas\AppData\Roaming\Winamp
2012-10-10 16:49:20 ----D---- C:\Program Files\CCleaner
2012-10-10 13:37:49 ----D---- C:\Windows\system32\catroot2
2012-10-09 18:07:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-10-07 16:37:02 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-10-07 16:37:02 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-09-23 09:09:25 ----D---- C:\Windows\SYSWOW64\migration
2012-09-23 09:09:25 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-23 09:09:24 ----D---- C:\Windows\system32\migration
2012-09-23 09:09:24 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 34472]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-08 2769400]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-03-16 477696]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
S1 archlp;archlp; SysWOW64\drivers\archlp.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-09-03 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-09-03 27760]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\AESTSr64.exe [2009-03-16 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-08-21 44808]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2011-12-09 190336]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\STacSV64.exe [2009-03-16 268288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-11 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-11 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-14 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-11 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
