vir z facebooku ověření, že se podařilo odstranit
Napsal: 30 led 2013 17:59
Dobrý den,
včera se mi bohužel povedlo omylem kliknout na odkaz ze zprávy, která mi přišla přes chat na facebooku
haaahahahaahahhhahhhhhaaaahahaaaahhaaahhhahahhaahhahah
www. mediafire. com/ ?qhibdm3taabw63a
úmyslně jsem do něj teď přidal mezery, aby nebyl platný a někdo na něj omylem neklikl. Do počítače se mi stáhl soubor, který vypadal jako spořič obrazovky. Vzhledem k tomu, že mi bylo jasné, že jde o vir tak jsem se ho pokusil smazat. Nešlo to, vyskočila hláška, že soubor je používán procesem xxxx. Našel jsem si proces, ukončil ho a poté smazal z počítače (i z koše samozřejmě).
Ta věcička fungovala tak, že po stažení do počítače se ta samá zpráva, která přišla mě začala odesílat všem mým kontaktům na facebooku. Po mém "zásahu" to odesílání přestalo. Myslím, že se mi asi povedlo to dostat pryč. Proscanoval jsem pak disk antivirem a už nic nenašel, ale vzhledem k tomu, že ten samý antivir mi pustil ten soubor do počítače chtěl bych požádat ještě vás, jestli byste mi mohli kouknout na log, který přikládám. Počítač se chová normálně. Přijde mi jen, že mám pomalejší internet, ale to s tím vůbec nemusí souviset a ani si nejsem jistý, že je to opravdu od té doby. Než, ale začnu prosit poskytovatele o nápravu, raději bych si zametl před vlastním prahem.
díky moc za pomoc.
log rsit:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrejka a Tomáš at 2013-01-30 17:41:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 106 GB (47%) free of 223 GB
Total RAM: 5886 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:41:22, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
Q:\140066.csy\Office14\EXCELC.EXE
Q:\140066.csy\Office14\EXCELC.EXE
Q:\140066.csy\Office14\OffSpon.EXE
C:\Windows\syswow64\svchost.exe
C:\Windows\SysWOW64\svchost.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Andrejka a Tomáš.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?babsrc=HP_s ... 0045e9e0fb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Microsoft Windows Service] C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe
O4 - HKLM\..\Policies\Explorer\Run: [39631] C:\PROGRA~3\LOCALS~1\Temp\msqoqwm.com
O4 - HKCU\..\Policies\Explorer\Run: [City Interactive] C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF\159ACF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Kooperativa - PDF Server.lnk = C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9768 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3269584
\??\C:\Windows\system32\conhost.exe "399177577243999716-17029871071617508330-823020812768435453661362635-1026217190
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2344
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Andrejka a Tomáš
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000698
\??\C:\Windows\system32\conhost.exe "826164932-2120194149-220080049-1303527013-1993330826-12809219291191244675-1490360029
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe" "Microsoft Word Starter 2010 9014006604050000" /n "C:\Users\Andrejka a Tomáš\Downloads\Návrh řešení ukládání rozpracovaných objednávek a .docx"
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0066-0405-0000-0000000FF1CE}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k secsvcs
"Q:\140066.csy\Office14\EXCELC.EXE" /dde
"Q:\140066.csy\Office14\EXCELC.EXE" /Embedding
"Q:\140066.csy\Office14\OffSpon.EXE" -Embedding
C:\Windows\syswow64\svchost.exe
svchost.exe
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="8552.1.1577111263\1089491124" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8552.2.409371339\136233010" --supports-dual-gpus=false --skip-gpu-full-info-collection --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.723.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="8552.3.460155105\50926122" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="8552.4.1639351671\1723449351" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll" --lang=cs --channel="8552.5.1272119295\1570051536" /prefetch:4
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="8552.6.1802154985\1493231813" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="8552.7.2139030914\1013765104" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe92_ Global\UsGthrCtrlFltPipeMssGthrPipe92 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Andrejka a Tomáš\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-09 426736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-15 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-06-20 1519824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-15 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-06-20 1519824]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - HyperCam Toolbar - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"39631"=C:\PROGRA~3\LOCALS~1\Temp\msqoqwm.com [2009-07-14 62976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Google Update"=C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
"Microsoft Windows Service"=C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe [2013-01-29 66560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"City Interactive"=C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF\159ACF.exe [2010-11-20 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\"C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-06-20 1568976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-08-20 487562]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Andrejka a Tomáš\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-19 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher]
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2011-08-01 165184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-02-26 3177120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-23 10775072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-07 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-15 2095400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-11-09 296096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE [2012-08-15 10300416]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]
"TkBellExe"=c:\program files (x86)\real\realplayer\update\realsched.exe [2012-11-09 296096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"39631"=C:\PROGRA~3\LOCALS~1\Temp\msqoqwm.com [2009-07-14 62976]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Andrejka a Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Kooperativa - PDF Server.lnk - C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe"="C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe:*:Enabled:Microsoft Windows Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-01-30 17:41:17 ----D---- C:\rsit
2013-01-30 17:41:17 ----D---- C:\Program Files\trend micro
2013-01-29 18:31:53 ----D---- C:\ProgramData\Local Settings
2013-01-29 18:31:53 ----A---- C:\Users\Andrejka a Tomáš\AppData\Roaming\nMNtfaARw2l97e30p5ev.exe
2013-01-29 18:31:29 ----AH---- C:\Users\Andrejka a Tomáš\AppData\Roaming\winsvcns.sys
2013-01-23 21:45:24 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\Reallusion
2013-01-15 17:48:28 ----A---- C:\Windows\system32\mshtml.dll
2013-01-15 17:48:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-01-10 08:29:42 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-10 08:29:42 ----A---- C:\Windows\system32\win32spl.dll
2013-01-10 08:29:32 ----A---- C:\Windows\system32\msxml6.dll
2013-01-10 08:29:31 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-10 08:29:31 ----A---- C:\Windows\system32\msxml3.dll
2013-01-10 08:29:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-10 08:29:23 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-10 08:29:23 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-10 08:29:23 ----A---- C:\Windows\system32\Wpc.dll
2013-01-10 08:29:23 ----A---- C:\Windows\system32\gameux.dll
2013-01-10 08:29:13 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-10 08:29:13 ----A---- C:\Windows\system32\usp10.dll
2013-01-10 08:29:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-10 08:29:12 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-10 08:28:48 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-10 08:28:47 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-10 08:28:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-10 08:28:46 ----A---- C:\Windows\system32\wow64win.dll
2013-01-10 08:28:46 ----A---- C:\Windows\system32\kernel32.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:28:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-10 08:28:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\wow64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\winsrv.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\conhost.exe
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:28:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-10 08:28:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-10 08:28:43 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-10 08:28:28 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 08:28:27 ----A---- C:\Windows\system32\win32k.sys
2013-01-05 18:30:48 ----A---- C:\Windows\binkw32.dll
2013-01-05 17:44:59 ----D---- C:\Program Files\Infogrames Interactive
2013-01-05 17:32:57 ----D---- C:\Program Files (x86)\Firaxis
======List of files/folders modified in the last 1 months======
2013-01-30 17:41:20 ----D---- C:\Windows\Temp
2013-01-30 17:41:17 ----RD---- C:\Program Files
2013-01-30 17:41:10 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\Skype
2013-01-30 17:32:48 ----D---- C:\Windows\inf
2013-01-30 17:32:48 ----D---- C:\Windows\debug
2013-01-30 17:32:48 ----D---- C:\Windows
2013-01-30 17:23:04 ----D---- C:\Windows\system32\config
2013-01-30 17:20:12 ----D---- C:\Windows\System32
2013-01-30 17:20:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-29 20:16:33 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2013-01-29 19:40:41 ----SHD---- C:\System Volume Information
2013-01-29 18:34:31 ----SHD---- C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF
2013-01-29 18:31:53 ----HD---- C:\ProgramData
2013-01-29 17:42:05 ----D---- C:\Windows\Prefetch
2013-01-27 19:17:18 ----D---- C:\Windows\system32\Tasks
2013-01-24 12:20:00 ----D---- C:\Windows\Tasks
2013-01-23 21:45:24 ----D---- C:\ProgramData\Creative
2013-01-19 19:19:18 ----D---- C:\Windows\winsxs
2013-01-19 19:17:50 ----D---- C:\Windows\SysWOW64
2013-01-19 12:50:22 ----D---- C:\Windows\rescache
2013-01-16 17:36:04 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\SoftGrid Client
2013-01-15 19:53:26 ----D---- C:\Windows\Microsoft.NET
2013-01-15 19:52:49 ----RSD---- C:\Windows\assembly
2013-01-15 17:44:37 ----D---- C:\Windows\system32\catroot
2013-01-15 17:44:36 ----D---- C:\Windows\system32\catroot2
2013-01-14 22:11:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-14 22:11:41 ----D---- C:\Windows\system32\cs-CZ
2013-01-14 22:11:38 ----D---- C:\Windows\AppPatch
2013-01-12 09:55:16 ----SHD---- C:\Windows\Installer
2013-01-12 09:45:37 ----A---- C:\Windows\system32\MRT.exe
2013-01-05 18:34:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-05 17:32:57 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-07-18 132832]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-07-18 98848]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-06 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-06 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-08 123408]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-03-23 3060800]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-23 2356000]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-15 319536]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-04 34872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-08-02 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-08-02 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-08-02 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-08-02 33792]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-04-29 340520]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-04-29 102440]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-04-29 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-04-29 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-04-29 21544]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 QWARQNet;Qwarq Virtual Miniport; C:\Windows\system32\DRIVERS\QWARQNet.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 127488]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 128512]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 18944]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 161280]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 128512]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-06 202752]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-07-18 465360]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-04-29 944928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-10 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
včera se mi bohužel povedlo omylem kliknout na odkaz ze zprávy, která mi přišla přes chat na facebooku
haaahahahaahahhhahhhhhaaaahahaaaahhaaahhhahahhaahhahah
www. mediafire. com/ ?qhibdm3taabw63a
úmyslně jsem do něj teď přidal mezery, aby nebyl platný a někdo na něj omylem neklikl. Do počítače se mi stáhl soubor, který vypadal jako spořič obrazovky. Vzhledem k tomu, že mi bylo jasné, že jde o vir tak jsem se ho pokusil smazat. Nešlo to, vyskočila hláška, že soubor je používán procesem xxxx. Našel jsem si proces, ukončil ho a poté smazal z počítače (i z koše samozřejmě).
Ta věcička fungovala tak, že po stažení do počítače se ta samá zpráva, která přišla mě začala odesílat všem mým kontaktům na facebooku. Po mém "zásahu" to odesílání přestalo. Myslím, že se mi asi povedlo to dostat pryč. Proscanoval jsem pak disk antivirem a už nic nenašel, ale vzhledem k tomu, že ten samý antivir mi pustil ten soubor do počítače chtěl bych požádat ještě vás, jestli byste mi mohli kouknout na log, který přikládám. Počítač se chová normálně. Přijde mi jen, že mám pomalejší internet, ale to s tím vůbec nemusí souviset a ani si nejsem jistý, že je to opravdu od té doby. Než, ale začnu prosit poskytovatele o nápravu, raději bych si zametl před vlastním prahem.
díky moc za pomoc.
log rsit:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrejka a Tomáš at 2013-01-30 17:41:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 106 GB (47%) free of 223 GB
Total RAM: 5886 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:41:22, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
Q:\140066.csy\Office14\EXCELC.EXE
Q:\140066.csy\Office14\EXCELC.EXE
Q:\140066.csy\Office14\OffSpon.EXE
C:\Windows\syswow64\svchost.exe
C:\Windows\SysWOW64\svchost.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Andrejka a Tomáš.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?babsrc=HP_s ... 0045e9e0fb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Microsoft Windows Service] C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe
O4 - HKLM\..\Policies\Explorer\Run: [39631] C:\PROGRA~3\LOCALS~1\Temp\msqoqwm.com
O4 - HKCU\..\Policies\Explorer\Run: [City Interactive] C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF\159ACF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Kooperativa - PDF Server.lnk = C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9768 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3269584
\??\C:\Windows\system32\conhost.exe "399177577243999716-17029871071617508330-823020812768435453661362635-1026217190
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2344
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Andrejka a Tomáš
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000698
\??\C:\Windows\system32\conhost.exe "826164932-2120194149-220080049-1303527013-1993330826-12809219291191244675-1490360029
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe" "Microsoft Word Starter 2010 9014006604050000" /n "C:\Users\Andrejka a Tomáš\Downloads\Návrh řešení ukládání rozpracovaných objednávek a .docx"
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0066-0405-0000-0000000FF1CE}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k secsvcs
"Q:\140066.csy\Office14\EXCELC.EXE" /dde
"Q:\140066.csy\Office14\EXCELC.EXE" /Embedding
"Q:\140066.csy\Office14\OffSpon.EXE" -Embedding
C:\Windows\syswow64\svchost.exe
svchost.exe
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="8552.1.1577111263\1089491124" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8552.2.409371339\136233010" --supports-dual-gpus=false --skip-gpu-full-info-collection --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.723.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="8552.3.460155105\50926122" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="8552.4.1639351671\1723449351" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll" --lang=cs --channel="8552.5.1272119295\1570051536" /prefetch:4
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="8552.6.1802154985\1493231813" /prefetch:3
"C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/enabled/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_62/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="8552.7.2139030914\1013765104" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe92_ Global\UsGthrCtrlFltPipeMssGthrPipe92 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Andrejka a Tomáš\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3597021740-638433563-444320614-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-09 426736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-15 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-06-20 1519824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-15 157672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-06-20 1519824]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - HyperCam Toolbar - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"39631"=C:\PROGRA~3\LOCALS~1\Temp\msqoqwm.com [2009-07-14 62976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Google Update"=C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
"Microsoft Windows Service"=C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe [2013-01-29 66560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"City Interactive"=C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF\159ACF.exe [2010-11-20 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\"C:]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-06-20 1568976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-08-20 487562]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Andrejka a Tomáš\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-19 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher]
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2011-08-01 165184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-02-26 3177120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-23 10775072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-07 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-15 2095400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-11-09 296096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE [2012-08-15 10300416]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]
"TkBellExe"=c:\program files (x86)\real\realplayer\update\realsched.exe [2012-11-09 296096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"39631"=C:\PROGRA~3\LOCALS~1\Temp\msqoqwm.com [2009-07-14 62976]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Andrejka a Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Kooperativa - PDF Server.lnk - C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe"="C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe:*:Enabled:Microsoft Windows Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2013-01-30 17:41:17 ----D---- C:\rsit
2013-01-30 17:41:17 ----D---- C:\Program Files\trend micro
2013-01-29 18:31:53 ----D---- C:\ProgramData\Local Settings
2013-01-29 18:31:53 ----A---- C:\Users\Andrejka a Tomáš\AppData\Roaming\nMNtfaARw2l97e30p5ev.exe
2013-01-29 18:31:29 ----AH---- C:\Users\Andrejka a Tomáš\AppData\Roaming\winsvcns.sys
2013-01-23 21:45:24 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\Reallusion
2013-01-15 17:48:28 ----A---- C:\Windows\system32\mshtml.dll
2013-01-15 17:48:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-01-10 08:29:42 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-10 08:29:42 ----A---- C:\Windows\system32\win32spl.dll
2013-01-10 08:29:32 ----A---- C:\Windows\system32\msxml6.dll
2013-01-10 08:29:31 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-10 08:29:31 ----A---- C:\Windows\system32\msxml3.dll
2013-01-10 08:29:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-10 08:29:23 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-10 08:29:23 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-10 08:29:23 ----A---- C:\Windows\system32\Wpc.dll
2013-01-10 08:29:23 ----A---- C:\Windows\system32\gameux.dll
2013-01-10 08:29:13 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-10 08:29:13 ----A---- C:\Windows\system32\usp10.dll
2013-01-10 08:29:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-10 08:29:12 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-10 08:28:48 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-10 08:28:47 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-10 08:28:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-10 08:28:46 ----A---- C:\Windows\system32\wow64win.dll
2013-01-10 08:28:46 ----A---- C:\Windows\system32\kernel32.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:28:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-10 08:28:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\wow64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\winsrv.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\conhost.exe
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:28:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-10 08:28:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-10 08:28:43 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-10 08:28:28 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 08:28:27 ----A---- C:\Windows\system32\win32k.sys
2013-01-05 18:30:48 ----A---- C:\Windows\binkw32.dll
2013-01-05 17:44:59 ----D---- C:\Program Files\Infogrames Interactive
2013-01-05 17:32:57 ----D---- C:\Program Files (x86)\Firaxis
======List of files/folders modified in the last 1 months======
2013-01-30 17:41:20 ----D---- C:\Windows\Temp
2013-01-30 17:41:17 ----RD---- C:\Program Files
2013-01-30 17:41:10 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\Skype
2013-01-30 17:32:48 ----D---- C:\Windows\inf
2013-01-30 17:32:48 ----D---- C:\Windows\debug
2013-01-30 17:32:48 ----D---- C:\Windows
2013-01-30 17:23:04 ----D---- C:\Windows\system32\config
2013-01-30 17:20:12 ----D---- C:\Windows\System32
2013-01-30 17:20:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-29 20:16:33 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2013-01-29 19:40:41 ----SHD---- C:\System Volume Information
2013-01-29 18:34:31 ----SHD---- C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF
2013-01-29 18:31:53 ----HD---- C:\ProgramData
2013-01-29 17:42:05 ----D---- C:\Windows\Prefetch
2013-01-27 19:17:18 ----D---- C:\Windows\system32\Tasks
2013-01-24 12:20:00 ----D---- C:\Windows\Tasks
2013-01-23 21:45:24 ----D---- C:\ProgramData\Creative
2013-01-19 19:19:18 ----D---- C:\Windows\winsxs
2013-01-19 19:17:50 ----D---- C:\Windows\SysWOW64
2013-01-19 12:50:22 ----D---- C:\Windows\rescache
2013-01-16 17:36:04 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\SoftGrid Client
2013-01-15 19:53:26 ----D---- C:\Windows\Microsoft.NET
2013-01-15 19:52:49 ----RSD---- C:\Windows\assembly
2013-01-15 17:44:37 ----D---- C:\Windows\system32\catroot
2013-01-15 17:44:36 ----D---- C:\Windows\system32\catroot2
2013-01-14 22:11:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-14 22:11:41 ----D---- C:\Windows\system32\cs-CZ
2013-01-14 22:11:38 ----D---- C:\Windows\AppPatch
2013-01-12 09:55:16 ----SHD---- C:\Windows\Installer
2013-01-12 09:45:37 ----A---- C:\Windows\system32\MRT.exe
2013-01-05 18:34:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-05 17:32:57 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-07-18 132832]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-07-18 98848]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-06 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-06 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-08 123408]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-03-23 3060800]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-23 2356000]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-15 319536]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-04 34872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-08-02 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-08-02 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-08-02 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-08-02 33792]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-04-29 340520]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-04-29 102440]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-04-29 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-04-29 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-04-29 21544]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 QWARQNet;Qwarq Virtual Miniport; C:\Windows\system32\DRIVERS\QWARQNet.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 127488]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 128512]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 18944]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 161280]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 128512]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-06 202752]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-07-18 465360]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-04-29 944928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-10 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
Jeste tam neco mame 