Please help - keylogger on my PC
Posted: 31 Jul 2013 01:00
Hello, I need help! I know for sure that I have some kind of keystroke-logging program installed on my PC - my boyfriend was spying on me and knew what I was typing and where. When I searched for "keylogger" from the Start menu, it found some folder, but when I clicked on it, it told me the location had been changed and the folder disappeared immediately! Now I can't find it anymore... but I definitely still have that thing in there! I tried to get an anti-keylogger program, but as soon as I typed its name into the browser, the browser crashed immediately... and when I copied the program over to my PC from another PC, it crashed again right after I started the installation - something is blocking it... I'm really desperate now, and I see that you should apparently be able to read something out of this log, so I'm asking for any advice at all.
But I'm not exactly a PC expert, so you'll have to go a bit slow with me:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Satellite at 2013-07-31 01:49:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 533 GB (75%) free of 715 GB
Total RAM: 3957 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:49:41, on 31.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files\trend micro\Satellite.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: uanuzjlvlipblq - Copyrighted © - c:\windows\SysWOW64\TQJVEB~1.EXE
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7274 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
c:\windows\SysWOW64\TQJVEB~1.EXE
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 35150576
\??\C:\Windows\system32\conhost.exe "163045534110512267542008084725-2045828057-893802114-222150429-1185422481662414564
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\Dwm.exe"
"c:\windows\fyktqnbwvx\tqjvebymhgi.exe"
"c:\windows\fyktqnbwvx\tqjvebymhgi.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-36822266-af6d-4a3d-9d68-3fd6e9a57642 -SystemEventPortName:HostProcess-adce5c3e-00c0-44d1-8533-1f4af1360da2 -IoCancelEventPortName:HostProcess-6d6653dd-f7e9-4b19-8d21-0e8d038b2ecf -NonStateChangingEventPortName:HostProcess-32e6403c-4baf-4497-9357-e0bf86816764 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:30285ee9-48e8-48e1-9f86-f159f1175b57 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"." "ydnquzjmqvfimrbeinxaej" "1208" "C:\Windows\System32\mstuncere64.dll"
\??\C:\Windows\system32\conhost.exe "-2120840506694112102016818935819010478795046471-799566416-134440944739859019
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=gpu-process --channel="5036.0.1522107730\1147856880" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0dec --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6669 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOff/Prerender/Prerender15minTTL/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --enable-threaded-compositing --disable-html-notifications --channel="5036.2.1064744251\2078120104" /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOff/Prerender/Prerender15minTTL/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --enable-threaded-compositing --disable-html-notifications --channel="5036.3.1247334931\353799230" /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOff/Prerender/Prerender15minTTL/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --enable-threaded-compositing --disable-html-notifications --channel="5036.4.929794851\184594046" /prefetch:673131151
"C:\Program Files (x86)\Pidgin\pidgin.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOff/Prerender/Prerender15minTTL/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --disable-html-notifications --channel="5036.5.1696961407\199838661" /prefetch:673131151
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --lang=cs --channel="5036.6.990821515\5637105" /prefetch:-390060480
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/Prefetch/ContentPrefetchPrefetchOff/Prerender/Prerender15minTTL/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_89/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/ --enable-threaded-compositing --disable-html-notifications --channel="5036.18.1592204117\1887675915" /prefetch:673131151
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -scan -tt_on
"taskhost.exe"
taskeng.exe {392AB787-7DC6-402D-B8BA-0BFE40699ABF}
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey ADA3C7E0-BE58-617D-3084-07EB979A2121 -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Satellite\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-12 11775592]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-10 2186856]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 6330568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-07-31 01:30:50 ----A---- C:\autoexec.bat
2013-07-31 01:30:25 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2013-07-31 01:30:21 ----D---- C:\sh4ldr
2013-07-31 01:30:21 ----D---- C:\Program Files\Enigma Software Group
2013-07-31 01:29:43 ----D---- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-31 00:35:08 ----A---- C:\TDSSKiller.2.8.16.0_31.07.2013_00.35.08_log.txt
2013-07-31 00:33:46 ----D---- C:\rsit
2013-07-31 00:33:46 ----D---- C:\Program Files\trend micro
2013-07-30 09:38:04 ----D---- C:\Program Files (x86)\Winamp
2013-07-30 09:38:01 ----D---- C:\ProgramData\Last.fm
2013-07-30 09:37:16 ----D---- C:\Program Files (x86)\Last.fm
2013-07-28 13:29:12 ----AD---- C:\ProgramData\TEMP
2013-07-28 13:29:02 ----A---- C:\Windows\SYSWOW64\IJL_11.DLL
2013-07-28 13:22:23 ----D---- C:\Users\Satellite\AppData\Roaming\SysSoubory
2013-07-28 11:19:57 ----D---- C:\Program Files (x86)\DVDVideoSoft
2013-07-28 10:48:32 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-07-28 10:48:28 ----D---- C:\Users\Satellite\AppData\Roaming\DAEMON Tools Lite
2013-07-28 10:48:26 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-07-28 10:38:40 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-07-26 09:09:52 ----D---- C:\Program Files (x86)\ICQM
2013-07-11 00:32:47 ----D---- C:\Users\Satellite\AppData\Roaming\TuneUp Software
2013-07-11 00:32:35 ----D---- C:\ProgramData\TuneUp Software
2013-07-11 00:32:27 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-11 00:32:27 ----HD---- C:\ProgramData\Common Files
2013-07-10 23:19:46 ----D---- C:\ProgramData\Real
2013-07-10 23:19:39 ----D---- C:\Users\Satellite\AppData\Roaming\OpenCandy
2013-07-10 23:19:39 ----D---- C:\Users\Satellite\AppData\Roaming\DVDVideoSoft
2013-07-09 20:43:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-09 20:43:09 ----A---- C:\Windows\system32\ieui.dll
2013-07-09 20:43:08 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-09 20:43:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-09 20:43:08 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-09 20:43:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-09 20:43:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-09 20:43:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-09 20:43:08 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-09 20:43:08 ----A---- C:\Windows\system32\iesetup.dll
2013-07-09 20:43:08 ----A---- C:\Windows\system32\iertutil.dll
2013-07-09 20:43:08 ----A---- C:\Windows\system32\iernonce.dll
2013-07-09 20:43:08 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-09 20:43:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-09 20:43:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-09 20:43:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-09 20:43:07 ----A---- C:\Windows\system32\jscript.dll
2013-07-09 20:43:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-09 20:43:06 ----A---- C:\Windows\system32\jscript9.dll
2013-07-09 20:43:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-09 20:43:05 ----A---- C:\Windows\system32\urlmon.dll
2013-07-09 20:43:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-09 20:43:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-09 20:43:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-09 20:43:03 ----A---- C:\Windows\system32\wininet.dll
2013-07-09 20:43:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-09 20:43:01 ----A---- C:\Windows\system32\mshtml.dll
2013-07-09 20:43:01 ----A---- C:\Windows\system32\ieframe.dll
2013-07-09 20:42:59 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-09 20:28:34 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-09 20:28:34 ----A---- C:\Windows\system32\qedit.dll
2013-07-09 20:28:33 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-09 20:28:33 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-09 20:28:27 ----A---- C:\Windows\system32\win32k.sys
2013-07-09 20:28:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-09 20:28:19 ----A---- C:\Windows\system32\DWrite.dll
2013-07-02 13:16:01 ----D---- C:\ProgramData\McAfee
2013-07-02 13:15:32 ----D---- C:\Program Files (x86)\Adobe
2013-07-02 13:15:22 ----D---- C:\ProgramData\Adobe
======List of files/folders modified in the last 1 month======
2013-07-31 01:49:41 ----D---- C:\Windows\Temp
2013-07-31 01:48:16 ----D---- C:\Users\Satellite\AppData\Roaming\.purple
2013-07-31 01:30:29 ----SHD---- C:\Windows\Installer
2013-07-31 01:30:26 ----D---- C:\Windows\system32\Tasks
2013-07-31 01:30:26 ----D---- C:\Windows\system32\drivers
2013-07-31 01:30:22 ----SD---- C:\Users\Satellite\AppData\Roaming\Microsoft
2013-07-31 01:30:21 ----RD---- C:\Program Files
2013-07-31 01:30:11 ----D---- C:\Windows\Prefetch
2013-07-31 01:29:59 ----SHD---- C:\System Volume Information
2013-07-31 01:29:43 ----D---- C:\Windows
2013-07-31 01:29:40 ----D---- C:\Program Files (x86)\Common Files
2013-07-31 01:25:37 ----D---- C:\Windows\System32
2013-07-31 01:25:37 ----D---- C:\Windows\inf
2013-07-31 01:25:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-31 01:11:28 ----RD---- C:\Program Files (x86)
2013-07-31 01:06:44 ----SD---- C:\ProgramData\Microsoft
2013-07-31 00:55:23 ----D---- C:\Windows\Logs
2013-07-31 00:54:08 ----D---- C:\Z
2013-07-30 22:50:56 ----D---- C:\Windows\system32\config
2013-07-30 22:39:50 ----D---- C:\ProgramData\NVIDIA
2013-07-30 09:38:01 ----HD---- C:\ProgramData
2013-07-30 09:38:01 ----D---- C:\Program Files (x86)\Windows Media Player
2013-07-28 20:18:10 ----D---- C:\Users\Satellite\AppData\Roaming\uTorrent
2013-07-28 13:30:33 ----D---- C:\Windows\SysWOW64
2013-07-28 12:02:37 ----D---- C:\Users\Satellite\AppData\Roaming\vlc
2013-07-28 11:20:07 ----RSD---- C:\Windows\assembly
2013-07-28 10:59:42 ----D---- C:\ProgramData\Microsoft Help
2013-07-28 10:58:40 ----D---- C:\Windows\ShellNew
2013-07-28 10:58:37 ----A---- C:\Windows\win.ini
2013-07-28 10:48:33 ----D---- C:\Windows\system32\DriverStore
2013-07-28 10:48:33 ----D---- C:\Windows\system32\catroot
2013-07-23 10:00:03 ----D---- C:\Program Files (x86)\PokerStars
2013-07-21 13:29:19 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2013-07-21 13:29:19 ----A---- C:\Windows\system32\certsentry.dll
2013-07-21 13:29:12 ----D---- C:\Program Files (x86)\Comodo
2013-07-21 03:58:35 ----D---- C:\Windows\Panther
2013-07-21 03:58:35 ----D---- C:\Windows\debug
2013-07-11 18:45:09 ----D---- C:\Windows\system32\wdi
2013-07-11 01:06:45 ----D---- C:\Windows\Microsoft.NET
2013-07-09 23:02:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-09 21:52:47 ----D---- C:\Windows\winsxs
2013-07-09 21:51:48 ----D---- C:\Program Files\Windows Defender
2013-07-09 21:51:48 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-09 21:51:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-09 21:51:47 ----D---- C:\Program Files\Internet Explorer
2013-07-09 21:51:45 ----D---- C:\Program Files\Windows Journal
2013-07-09 20:44:09 ----A---- C:\Windows\system32\MRT.exe
2013-07-09 20:43:28 ----D---- C:\Windows\system32\catroot2
2013-07-02 13:16:33 ----D---- C:\Users\Satellite\AppData\Roaming\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-02-20 58416]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-01-03 652344]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-01-03 28216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 26968]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-20 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-01-10 59440]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-01-10 190232]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-05-24 2750464]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-13 2712680]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 292024]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-03-21 1341664]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-01-16 993896]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-06-27 1025408]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-16 378984]
R2 uanuzjlvlipblq;uanuzjlvlipblq; c:\windows\SysWOW64\TQJVEB~1.EXE [2012-08-03 102400]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-07-16 2095752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-09 257416]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-14 1255736]
-----------------EOF-----------------
