...a nakonec zpráva z RSIT a díky moc za pomoc:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Siri at 2012-12-02 19:37:17
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 250 GB (83%) free of 300 GB
Total RAM: 3839 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:41, on 2.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Miranda IM\miranda32.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Siri.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.conduit.com/?SearchSource ... =ct3135048
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\bin\core.4.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
O4 - HKLM\..\Run: [SMART Board Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
O4 - HKLM\..\Run: [SMART Ink] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SMART Helper Service (SMARTHelperService) - SMART Technologies - C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11799 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=3975a17e-9620-4b31-9b56-e0102c33b14c /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\625f111c-ed92-4b06-9335-65127479673d-1c8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
/QuitInfo:0000000000000488;0000000000000490; /AddRef;
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {2EEA66D4-32DB-4854-8AE1-7CBEAA2AE12C}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
C:\Windows\system32\rundll32.exe "C:\Windows\SysWOW64\kanji_2X.dll",YFELCZMB
"taskhost.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe"
/QuitInfo:0000000000000560;0000000000000564; /AddRef;
/QuitInfo:0000000000000558;000000000000056C;
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
/loadhooks /Parent:000000000000086C
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
WLIDSvcM.exe 2348
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Miranda IM\miranda32.exe"
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-327b4300-051c-4e9d-a8fa-a1f9d8238e8d -SystemEventPortName:HostProcess-7f187868-688b-4b9e-986d-155e1be68097 -IoCancelEventPortName:HostProcess-97d49bcd-f90b-4d1b-9946-97c19a8e4066 -NonStateChangingEventPortName:HostProcess-94b8305b-02de-4d06-81c0-9ced9d976ca2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:41204313-fc74-4905-bb85-ad7a676192b4 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\wbengine.exe"
C:\Windows\System32\vds.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Siri\Desktop\Stažené soubory\Antiviry\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Jtps.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Siri\AppData\Roaming\Mozilla\Firefox\Profiles\7glothun.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "
http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0, {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2,
cs@dictionaries.addons.mozilla.org:1.0.2, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "
http://search.babylon.com/?affID=111304 ... 586df1c&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Siri\AppData\Roaming\Mozilla\Firefox\Profiles\7glothun.default\extensions\
cs@dictionaries.addons.mozilla.org
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Siri\AppData\Roaming\Mozilla\Firefox\Profiles\7glothun.default\searchplugins\
conduit.xml
firmycz.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
SMART Notebook Download Utility - C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll [2012-03-28 323440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
SMART Notebook Download Utility - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll [2012-03-28 237424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files (x86)\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-07-27 35768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-04-03 1234216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\qttask.exe [2006-09-01 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sweex WC031V3 snapshot button monitor.lnk]
C:\PROGRA~2\Sweex\WC031V3\VMonitor.exe [2008-08-29 143360]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SMART Board Service"=C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2012-03-21 2186096]
"SMART Board Tools"=C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe [2012-03-09 10132336]
"SMART Ink"=C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [2012-05-31 94616]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-11-06 3143800]
C:\Users\Siri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Miranda.lnk - C:\Program Files (x86)\Miranda IM\miranda32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-02 19:37:19 ----D---- C:\Program Files\trend micro
2012-12-02 19:37:17 ----D---- C:\rsit
2012-11-30 21:07:10 ----D---- C:\Users\Siri\AppData\Roaming\Malwarebytes
2012-11-30 21:06:49 ----D---- C:\ProgramData\Malwarebytes
2012-11-30 21:06:49 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-11-30 21:06:48 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-27 15:34:27 ----D---- C:\Users\Siri\AppData\Roaming\AVG2013
2012-11-27 15:33:39 ----D---- C:\Users\Siri\AppData\Roaming\TuneUp Software
2012-11-27 15:33:04 ----HD---- C:\$AVG
2012-11-27 15:33:04 ----D---- C:\ProgramData\AVG2013
2012-11-27 15:32:48 ----D---- C:\Program Files (x86)\AVG
2012-11-27 15:29:42 ----D---- C:\ProgramData\MFAData
2012-11-16 16:42:12 ----A---- C:\Windows\ntbtlog.txt
2012-11-15 22:17:29 ----D---- C:\Program Files\Enigma Software Group
2012-11-15 22:16:54 ----D---- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-11-15 21:46:55 ----A---- C:\scu.dat
2012-11-15 20:56:29 ----A---- C:\Windows\wininit.ini
2012-11-15 20:42:36 ----D---- C:\ProgramData\DVD Shrink
2012-11-15 20:42:34 ----D---- C:\Program Files (x86)\DVD Shrink
2012-11-15 20:35:58 ----D---- C:\Program Files (x86)\7-Zip
2012-11-15 20:35:57 ----A---- C:\Windows\unins000.exe
2012-11-15 20:35:57 ----A---- C:\Windows\unins000.dat
2012-11-15 20:35:45 ----D---- C:\Users\Siri\AppData\Roaming\2YourFace
2012-11-15 20:35:35 ----D---- C:\ProgramData\Tarma Installer
2012-11-15 17:32:57 ----D---- C:\Program Files (x86)\Linos Software
2012-11-15 17:32:33 ----D---- C:\Windows\Downloaded Installations
2012-11-15 17:20:23 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-15 17:20:23 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-15 17:20:23 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-15 17:15:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-15 17:15:39 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-15 17:15:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-15 17:15:37 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-15 17:15:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-15 17:15:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-15 17:15:37 ----A---- C:\Windows\system32\url.dll
2012-11-15 17:15:37 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-15 17:15:37 ----A---- C:\Windows\system32\ieui.dll
2012-11-15 17:15:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-15 17:15:36 ----A---- C:\Windows\system32\urlmon.dll
2012-11-15 17:15:36 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-15 17:15:36 ----A---- C:\Windows\system32\jscript9.dll
2012-11-15 17:15:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-15 17:15:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-15 17:15:35 ----A---- C:\Windows\system32\wininet.dll
2012-11-15 17:15:35 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-15 17:15:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-15 17:15:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-15 17:15:34 ----A---- C:\Windows\system32\vbscript.dll
2012-11-15 17:15:34 ----A---- C:\Windows\system32\jscript.dll
2012-11-15 17:15:34 ----A---- C:\Windows\system32\iertutil.dll
2012-11-15 17:15:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-15 17:15:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-15 17:15:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-15 17:15:31 ----A---- C:\Windows\system32\mshtml.dll
2012-11-15 17:15:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-15 17:15:30 ----A---- C:\Windows\system32\ieframe.dll
2012-11-15 17:12:58 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-15 17:12:58 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-15 17:12:58 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-15 17:12:57 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-15 17:12:57 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-15 17:12:57 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-15 17:12:57 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-15 17:11:10 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-15 17:11:09 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-15 17:11:09 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-15 17:11:09 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-15 17:11:09 ----A---- C:\Windows\system32\ncsi.dll
2012-11-15 17:11:09 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-15 17:11:08 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-15 17:11:08 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-15 17:11:08 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-15 17:11:08 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-15 17:11:08 ----A---- C:\Windows\system32\netevent.dll
2012-11-15 17:11:08 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-15 17:10:58 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 17:10:58 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-15 17:10:58 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-15 17:10:58 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-15 17:10:38 ----A---- C:\Windows\system32\win32k.sys
2012-11-15 17:10:02 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-15 17:10:02 ----A---- C:\Windows\system32\synceng.dll
======List of files/folders modified in the last 1 month======
2012-12-02 19:37:37 ----D---- C:\Windows\Prefetch
2012-12-02 19:37:19 ----RD---- C:\Program Files
2012-12-02 19:33:11 ----D---- C:\Windows\system32\Tasks
2012-12-02 19:21:24 ----D---- C:\Windows\system32\config
2012-12-02 19:00:19 ----SHD---- C:\System Volume Information
2012-12-02 18:50:43 ----D---- C:\Windows\System32
2012-12-02 18:50:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-02 18:49:52 ----D---- C:\Windows\Temp
2012-12-02 18:49:32 ----D---- C:\ProgramData\CanonIJPLM
2012-12-02 18:08:45 ----D---- C:\Users\Siri\AppData\Roaming\Skype
2012-12-02 17:08:41 ----D---- C:\Windows\SysWOW64
2012-12-01 10:02:19 ----SHD---- C:\Windows\Installer
2012-12-01 10:01:46 ----D---- C:\Windows\system32\drivers
2012-12-01 09:57:11 ----RD---- C:\Program Files (x86)
2012-12-01 09:54:19 ----D---- C:\ProgramData\Norton
2012-12-01 09:54:17 ----D---- C:\Windows\Tasks
2012-12-01 09:54:17 ----D---- C:\ProgramData\Symantec
2012-11-30 21:06:49 ----HD---- C:\ProgramData
2012-11-30 20:29:18 ----D---- C:\Windows\rescache
2012-11-30 17:52:02 ----D---- C:\Windows\winsxs
2012-11-30 17:51:59 ----D---- C:\Windows\AppPatch
2012-11-30 17:49:45 ----D---- C:\Windows\system32\catroot
2012-11-30 17:49:44 ----D---- C:\Windows\system32\catroot2
2012-11-27 15:53:52 ----SD---- C:\ProgramData\Microsoft
2012-11-26 16:23:28 ----D---- C:\Windows\Minidump
2012-11-26 16:23:12 ----D---- C:\Windows
2012-11-15 22:17:39 ----D---- C:\Windows\inf
2012-11-15 22:16:48 ----D---- C:\Program Files (x86)\Common Files
2012-11-15 20:42:03 ----D---- C:\Windows\system32\drivers\etc
2012-11-15 20:41:16 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-11-15 20:40:15 ----D---- C:\Windows\Logs
2012-11-15 20:40:15 ----D---- C:\Windows\debug
2012-11-15 17:58:54 ----D---- C:\Windows\Microsoft.NET
2012-11-15 17:58:53 ----RSD---- C:\Windows\assembly
2012-11-15 17:36:22 ----D---- C:\Windows\SYSWOW64\migration
2012-11-15 17:36:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-15 17:36:22 ----D---- C:\Windows\system32\wbem
2012-11-15 17:36:22 ----D---- C:\Windows\system32\migration
2012-11-15 17:36:22 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-15 17:36:22 ----D---- C:\Windows\system32\cs-CZ
2012-11-15 17:36:22 ----D---- C:\Windows\PolicyDefinitions
2012-11-15 17:36:22 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-15 17:36:21 ----RSD---- C:\Windows\Fonts
2012-11-15 17:36:21 ----D---- C:\Program Files\Internet Explorer
2012-11-15 17:29:26 ----SHD---- C:\$Recycle.Bin
2012-11-15 17:24:13 ----D---- C:\ProgramData\Microsoft Help
2012-11-15 17:14:34 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 17:14:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-15 17:12:15 ----A---- C:\Windows\win.ini
2012-11-03 12:06:33 ----D---- C:\Users\Siri\AppData\Roaming\.minecraft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2006-07-24 52664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 34472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-11 6368256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-11 188416]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-04-23 123840]
R3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys [2011-06-26 33888]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 PciSPorts;High-Speed PCI Serial Port; C:\Windows\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SMARTMouseFilterx64;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2012-03-21 13168]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2012-03-21 16368]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2012-03-21 24944]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 VMUVC;Vimicro Camera Service VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [2009-07-20 199168]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\Windows\system32\drivers\vvftUVC.sys [2008-07-01 303616]
S3 appliand;Applian Network Service; C:\Windows\system32\DRIVERS\appliand.sys [2011-06-26 33888]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2007-09-17 29184]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-11 202752]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SMARTHelperService;SMART Helper Service; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [2012-03-21 580976]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-02 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-07-17 1044816]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-02 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-28 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-13 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Tema jsem oddelil od puvodniho at se nam to neplete
A u toho Combofixu to asi platí dvojnásob....