Findings in MBAM
Posted: 15 Oct 2013 12:58
Please advise on the next step: I ran a scan with mbar and MBAM (I am attaching the log; I don't know whether I can remove them):
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org
Verze: v2013.10.15.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
BENESL :: M898 [administrátor]
Ochrana: Povolena
15.10.2013 13:05:28
MBAM-log-2013-10-15 (13-20-39).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 331720
Uplynulý čas: 10 minut, 51 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} (PUP.Optional.RebateInformer.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Nebyla provedena žádná instrukce.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Špatný: (http://search.conduit.com?SearchSource= ... =CT3298566) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
Nalezené složky: 6
C:\ProgramData\TheBflix (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\data (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\downloads (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Roaming\OpenCandy\9D539649FAE6435FB479758F5B19B104 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 17
C:\Users\benesl\Downloads\Express_Installer.exe (PUP.Optional.iBryte) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Local\Conduit\CT3072253\uTorrentControl2AutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SkywalkerSetup[2].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WSSetup[2].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WSSetup[5].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\HHW5ACX9\WSSetup[1].exe (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\bhoclass.dl (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\ljbceobghndkodeejhkhhlbfkehapdpe.crx (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\profile.ini (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\runtime.dll (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Nebyla provedena žádná instrukce.
C:\Users\benesl\AppData\Roaming\OpenCandy\9D539649FAE6435FB479758F5B19B104\PCSU_SL_3.1.2.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
(konec)
For completeness, I am also attaching the log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by BENESL at 2013-10-15 13:26:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 53 GB (35%) free of 152 GB
Total RAM: 1982 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:20, on 15.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Users\benesl\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\BENESL.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3298566
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen] "C:\Windows\system32\Rundll32.exe" "C:\Program Files\Conduit\CT3298566\plugins\TBVerifier.dll",RunConduitFloatingPlugin fdkednngfjmpnljkolbapdednncafhen
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-876359995-2462572216-2444156064-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-876359995-2462572216-2444156064-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: EarthDesk.lnk = C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe
O4 - Global Startup: Microsoft Outlook 2010.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nkp.cz
O17 - HKLM\Software\..\Telephony: DomainName = nkp.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nkp.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = nkp.cz
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Kaspersky Lab Network Agent (klnagent) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3231.tmp
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
--
End of file - 12899 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Product InstallerIdle.job
C:\Windows\tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 61&UM=2&q="
"quickprint@hp.com"=C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"=C:\Program Files\Web Assistant\Firefox
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\extensions\
{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\searchplugins\
askcom.xml
mixidj-v30-customized-web-search.xml
MyStart Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2013-05-02 241464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-24 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2013-05-02 696000]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2008-02-15 405504]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-02-03 3508624]
"HPUsageTrackingLEDM"=C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2012-04-18 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2013-09-16 295512]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-02-03 943504]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-14 21416]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2013-03-27 1098072]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-11-07 39408]
"ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen"=C:\Program Files\Conduit\CT3298566\plugins\TBVerifier.dll [1617-11-28 287008]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Users\benesl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EarthDesk.lnk - C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun_KL_notset"=1
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.dvsd"=pdvcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-15 13:03:13 ----D---- C:\Users\benesl\AppData\Roaming\Malwarebytes
2013-10-15 13:02:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-15 13:02:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-15 12:25:30 ----D---- C:\ProgramData\Malwarebytes
2013-10-15 12:25:20 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 12:25:20 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-10-15 12:23:49 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-10-11 13:58:16 ----D---- C:\rsit
2013-10-11 13:58:16 ----D---- C:\Program Files\trend micro
2013-10-11 04:29:15 ----D---- C:\Windows\rescache
2013-10-11 03:16:52 ----SHD---- C:\Config.Msi
2013-10-11 03:14:05 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 03:14:05 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 03:14:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 03:14:04 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 03:14:03 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 03:14:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 03:14:01 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 03:13:59 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 03:13:58 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 03:13:55 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 00:46:41 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 00:46:40 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 00:46:40 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 00:46:40 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 00:46:37 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 00:46:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 00:46:36 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 00:46:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 00:46:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 00:46:28 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 00:46:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 00:46:28 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 00:46:28 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 00:46:26 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 00:46:21 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 00:46:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 00:45:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-11 00:45:23 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 02:37:22 ----D---- C:\Program Files\Mozilla Firefox
2013-10-07 14:20:20 ----D---- C:\ProgramData\Conduit
2013-10-07 13:54:37 ----D---- C:\Users\benesl\AppData\Roaming\Mirillis
2013-10-07 13:54:37 ----D---- C:\ProgramData\Mirillis
2013-10-07 13:51:17 ----D---- C:\Program Files\Mirillis
2013-10-04 12:41:39 ----A---- C:\Windows\system32\FAP51E5.tmp
2013-10-04 12:27:43 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-04 10:56:39 ----D---- C:\Program Files\Enigma Software Group
2013-10-04 10:54:34 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-09-27 12:53:18 ----D---- C:\Program Files\FDRLab
2013-09-20 08:46:49 ----D---- C:\Program Files\AntiTwin
2013-09-17 15:34:51 ----D---- C:\Program Files\DebugMode
2013-09-16 08:12:31 ----D---- C:\Program Files\RealNetworks
2013-09-16 08:12:30 ----D---- C:\ProgramData\RealNetworks
2013-09-16 08:11:14 ----D---- C:\Program Files\Common Files\xing shared
======List of files/folders modified in the last 1 month======
2013-10-15 13:26:20 ----D---- C:\Windows\Temp
2013-10-15 13:26:20 ----D---- C:\Windows\Prefetch
2013-10-15 13:15:22 ----D---- C:\Windows\system32\config
2013-10-15 13:04:42 ----D---- C:\Windows\system32\drivers
2013-10-15 13:02:34 ----RD---- C:\Program Files
2013-10-15 12:54:22 ----D---- C:\Windows\system32\Tasks
2013-10-15 12:54:17 ----D---- C:\Users\benesl\AppData\Roaming\Orbit
2013-10-15 12:52:52 ----D---- C:\ProgramData\Kaspersky Lab
2013-10-15 12:50:42 ----D---- C:\Windows
2013-10-15 12:50:16 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-15 12:50:13 ----D---- C:\Windows\addins
2013-10-15 12:50:13 ----D---- C:\ProgramData\TheBflix
2013-10-15 12:45:54 ----SHD---- C:\System Volume Information
2013-10-15 12:25:30 ----HD---- C:\ProgramData
2013-10-14 13:21:41 ----D---- C:\Windows\System32
2013-10-14 13:21:41 ----D---- C:\Windows\inf
2013-10-14 13:21:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-11 13:39:43 ----D---- C:\Windows\Panther
2013-10-11 13:39:43 ----D---- C:\Windows\debug
2013-10-11 13:07:54 ----D---- C:\Program Files\smartdl
2013-10-11 04:01:36 ----D---- C:\Windows\Microsoft.NET
2013-10-11 04:00:54 ----RSD---- C:\Windows\assembly
2013-10-11 03:53:59 ----D---- C:\Windows\winsxs
2013-10-11 03:52:14 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 03:49:24 ----D---- C:\Windows\system32\cs-CZ
2013-10-11 03:49:24 ----D---- C:\Program Files\Internet Explorer
2013-10-11 03:49:22 ----D---- C:\Windows\system32\DriverStore
2013-10-11 03:30:23 ----SHD---- C:\Windows\Installer
2013-10-11 03:30:16 ----D---- C:\ProgramData\Microsoft Help
2013-10-11 03:26:10 ----D---- C:\Windows\system32\MRT
2013-10-11 03:18:50 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 03:14:34 ----D---- C:\Windows\system32\catroot
2013-10-11 03:14:32 ----D---- C:\Windows\system32\catroot2
2013-10-09 11:05:15 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-07 14:19:54 ----D---- C:\Program Files\Conduit
2013-10-07 13:51:20 ----SD---- C:\Users\benesl\AppData\Roaming\Microsoft
2013-10-04 12:41:15 ----D---- C:\Program Files\CCleaner
2013-10-04 10:54:34 ----D---- C:\Program Files\Common Files
2013-09-24 12:46:55 ----D---- C:\Program Files\OpenApp
2013-09-19 13:42:46 ----D---- C:\downloads
2013-09-16 08:11:18 ----D---- C:\Program Files\Real
2013-09-16 08:11:10 ----D---- C:\ProgramData\Real
2013-09-16 08:11:05 ----A---- C:\Windows\system32\rmoc3260.dll
2013-09-16 08:10:52 ----A---- C:\Windows\system32\pndx5032.dll
2013-09-16 08:10:52 ----A---- C:\Windows\system32\pndx5016.dll
2013-09-16 08:10:48 ----A---- C:\Windows\system32\pncrt.dll
2013-09-16 08:10:36 ----A---- C:\Windows\system32\msvcr71.dll
2013-09-16 08:10:35 ----A---- C:\Windows\system32\msvcp71.dll
2013-09-16 08:03:23 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-11-12 126480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-06-07 233560]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-06-07 22104]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-03-15 231760]
R2 aksfridge;Sentinel HASP Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2010-09-27 356864]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2009-12-09 588800]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-10-15 40776]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2008-02-15 330752]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 9216]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2009-03-13 238208]
S3 akshhl;SafeNet Inc. Sentinel HASP Key; C:\Windows\system32\DRIVERS\akshhl.sys [2007-07-23 46336]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2009-06-22 16384]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2010-09-27 4180576]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 247352]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 99896]
R2 klnagent;Kaspersky Lab Network Agent; C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe [2012-08-02 124632]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-03 1258856]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI3231.tmp [2012-05-21 163656]
R2 STacSV;SigmaTel Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe [2008-02-15 102400]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-12-07 1590216]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-15 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-01-16 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
For completeness, I am also attaching the log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by BENESL at 2013-10-15 13:26:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 53 GB (35%) free of 152 GB
Total RAM: 1982 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:20, on 15.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Users\benesl\Downloads\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\trend micro\BENESL.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3298566
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen] "C:\Windows\system32\Rundll32.exe" "C:\Program Files\Conduit\CT3298566\plugins\TBVerifier.dll",RunConduitFloatingPlugin fdkednngfjmpnljkolbapdednncafhen
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-876359995-2462572216-2444156064-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-876359995-2462572216-2444156064-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: EarthDesk.lnk = C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe
O4 - Global Startup: Microsoft Outlook 2010.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Statistika součásti Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nkp.cz
O17 - HKLM\Software\..\Telephony: DomainName = nkp.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nkp.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = nkp.cz
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Kaspersky Lab Network Agent (klnagent) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI3231.tmp
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
--
End of file - 12899 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Product InstallerIdle.job
C:\Windows\tasks\TheBflixUpdaterTask{BEB734D7-953C-449B-92B5-018C485CAA3D}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 61&UM=2&q="
"quickprint@hp.com"=C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"=C:\Program Files\Web Assistant\Firefox
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\extensions\
{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
C:\Users\benesl\AppData\Roaming\Mozilla\Firefox\Profiles\c2kvhy0v.default\searchplugins\
askcom.xml
mixidj-v30-customized-web-search.xml
MyStart Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2013-05-02 241464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-24 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2013-05-02 696000]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2008-02-15 405504]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-02-03 3508624]
"HPUsageTrackingLEDM"=C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2012-04-18 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2013-09-16 295512]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-02-03 943504]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-14 21416]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2013-03-27 1098072]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-11-07 39408]
"ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen"=C:\Program Files\Conduit\CT3298566\plugins\TBVerifier.dll [1617-11-28 287008]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Users\benesl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EarthDesk.lnk - C:\Program Files\XericDesign\EarthDesk\EarthDesk.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun_KL_notset"=1
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.dvsd"=pdvcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-10-15 13:03:13 ----D---- C:\Users\benesl\AppData\Roaming\Malwarebytes
2013-10-15 13:02:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-15 13:02:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-10-15 12:25:30 ----D---- C:\ProgramData\Malwarebytes
2013-10-15 12:25:20 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 12:25:20 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2013-10-15 12:23:49 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2013-10-11 13:58:16 ----D---- C:\rsit
2013-10-11 13:58:16 ----D---- C:\Program Files\trend micro
2013-10-11 04:29:15 ----D---- C:\Windows\rescache
2013-10-11 03:16:52 ----SHD---- C:\Config.Msi
2013-10-11 03:14:05 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 03:14:05 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 03:14:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 03:14:04 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 03:14:03 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 03:14:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 03:14:02 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 03:14:01 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 03:13:59 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 03:13:58 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 03:13:55 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 00:46:41 ----A---- C:\Windows\system32\comctl32.dll
2013-10-11 00:46:40 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-11 00:46:40 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-11 00:46:40 ----A---- C:\Windows\system32\davclnt.dll
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-11 00:46:39 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-11 00:46:37 ----A---- C:\Windows\system32\mswsock.dll
2013-10-11 00:46:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-11 00:46:36 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-11 00:46:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-11 00:46:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-11 00:46:28 ----A---- C:\Windows\system32\tdh.dll
2013-10-11 00:46:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-11 00:46:28 ----A---- C:\Windows\system32\ntdll.dll
2013-10-11 00:46:28 ----A---- C:\Windows\system32\advapi32.dll
2013-10-11 00:46:26 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\lpk.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\fontsub.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\dciman32.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\atmlib.dll
2013-10-11 00:46:24 ----A---- C:\Windows\system32\atmfd.dll
2013-10-11 00:46:21 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-11 00:46:15 ----A---- C:\Windows\system32\win32k.sys
2013-10-11 00:45:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-11 00:45:23 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 02:37:22 ----D---- C:\Program Files\Mozilla Firefox
2013-10-07 14:20:20 ----D---- C:\ProgramData\Conduit
2013-10-07 13:54:37 ----D---- C:\Users\benesl\AppData\Roaming\Mirillis
2013-10-07 13:54:37 ----D---- C:\ProgramData\Mirillis
2013-10-07 13:51:17 ----D---- C:\Program Files\Mirillis
2013-10-04 12:41:39 ----A---- C:\Windows\system32\FAP51E5.tmp
2013-10-04 12:27:43 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-10-04 10:56:39 ----D---- C:\Program Files\Enigma Software Group
2013-10-04 10:54:34 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-09-27 12:53:18 ----D---- C:\Program Files\FDRLab
2013-09-20 08:46:49 ----D---- C:\Program Files\AntiTwin
2013-09-17 15:34:51 ----D---- C:\Program Files\DebugMode
2013-09-16 08:12:31 ----D---- C:\Program Files\RealNetworks
2013-09-16 08:12:30 ----D---- C:\ProgramData\RealNetworks
2013-09-16 08:11:14 ----D---- C:\Program Files\Common Files\xing shared
======List of files/folders modified in the last 1 month======
2013-10-15 13:26:20 ----D---- C:\Windows\Temp
2013-10-15 13:26:20 ----D---- C:\Windows\Prefetch
2013-10-15 13:15:22 ----D---- C:\Windows\system32\config
2013-10-15 13:04:42 ----D---- C:\Windows\system32\drivers
2013-10-15 13:02:34 ----RD---- C:\Program Files
2013-10-15 12:54:22 ----D---- C:\Windows\system32\Tasks
2013-10-15 12:54:17 ----D---- C:\Users\benesl\AppData\Roaming\Orbit
2013-10-15 12:52:52 ----D---- C:\ProgramData\Kaspersky Lab
2013-10-15 12:50:42 ----D---- C:\Windows
2013-10-15 12:50:16 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-15 12:50:13 ----D---- C:\Windows\addins
2013-10-15 12:50:13 ----D---- C:\ProgramData\TheBflix
2013-10-15 12:45:54 ----SHD---- C:\System Volume Information
2013-10-15 12:25:30 ----HD---- C:\ProgramData
2013-10-14 13:21:41 ----D---- C:\Windows\System32
2013-10-14 13:21:41 ----D---- C:\Windows\inf
2013-10-14 13:21:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-11 13:39:43 ----D---- C:\Windows\Panther
2013-10-11 13:39:43 ----D---- C:\Windows\debug
2013-10-11 13:07:54 ----D---- C:\Program Files\smartdl
2013-10-11 04:01:36 ----D---- C:\Windows\Microsoft.NET
2013-10-11 04:00:54 ----RSD---- C:\Windows\assembly
2013-10-11 03:53:59 ----D---- C:\Windows\winsxs
2013-10-11 03:52:14 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 03:49:24 ----D---- C:\Windows\system32\cs-CZ
2013-10-11 03:49:24 ----D---- C:\Program Files\Internet Explorer
2013-10-11 03:49:22 ----D---- C:\Windows\system32\DriverStore
2013-10-11 03:30:23 ----SHD---- C:\Windows\Installer
2013-10-11 03:30:16 ----D---- C:\ProgramData\Microsoft Help
2013-10-11 03:26:10 ----D---- C:\Windows\system32\MRT
2013-10-11 03:18:50 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 03:14:34 ----D---- C:\Windows\system32\catroot
2013-10-11 03:14:32 ----D---- C:\Windows\system32\catroot2
2013-10-09 11:05:15 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-07 14:19:54 ----D---- C:\Program Files\Conduit
2013-10-07 13:51:20 ----SD---- C:\Users\benesl\AppData\Roaming\Microsoft
2013-10-04 12:41:15 ----D---- C:\Program Files\CCleaner
2013-10-04 10:54:34 ----D---- C:\Program Files\Common Files
2013-09-24 12:46:55 ----D---- C:\Program Files\OpenApp
2013-09-19 13:42:46 ----D---- C:\downloads
2013-09-16 08:11:18 ----D---- C:\Program Files\Real
2013-09-16 08:11:10 ----D---- C:\ProgramData\Real
2013-09-16 08:11:05 ----A---- C:\Windows\system32\rmoc3260.dll
2013-09-16 08:10:52 ----A---- C:\Windows\system32\pndx5032.dll
2013-09-16 08:10:52 ----A---- C:\Windows\system32\pndx5016.dll
2013-09-16 08:10:48 ----A---- C:\Windows\system32\pncrt.dll
2013-09-16 08:10:36 ----A---- C:\Windows\system32\msvcr71.dll
2013-09-16 08:10:35 ----A---- C:\Windows\system32\msvcp71.dll
2013-09-16 08:03:23 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-11-14 43840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-11-12 126480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-06-07 233560]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-06-07 22104]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-03-15 231760]
R2 aksfridge;Sentinel HASP Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2010-09-27 356864]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2009-12-09 588800]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-10-15 40776]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2008-02-15 330752]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 9216]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2009-03-13 238208]
S3 akshhl;SafeNet Inc. Sentinel HASP Key; C:\Windows\system32\DRIVERS\akshhl.sys [2007-07-23 46336]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2009-06-22 16384]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2010-09-27 4180576]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 247352]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 99896]
R2 klnagent;Kaspersky Lab Network Agent; C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe [2012-08-02 124632]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-03 1258856]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI3231.tmp [2012-05-21 163656]
R2 STacSV;SigmaTel Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_124a1a436c563c4c\STacSV.exe [2008-02-15 102400]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-12-07 1590216]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-15 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-01-16 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------