
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check my log
Sometimes Avast and Comodo Firewall do not start when the OS boots; otherwise I have not noticed any other problems.
Logfile of random's system information tool 1.09 (written by random/random)
Run by freekarol at 2013-02-18 20:43:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 56 GB (9%) free of 590 GB
Total RAM: 3552 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:38, on 18.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe
C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe
C:\Program Files\trend micro\freekarol.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: PXCIEaddin5 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ASuite] C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_Plugin.exe -update plugin
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [SandboxieControl] "C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe" (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [RESTART_STICKY_NOTES] C:\windows\system32\StikyNot.exe (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Facebook Update] "C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: asuite.exe – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: AutorunsDisabled (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: Facebook Messenger.lnk = Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: procexp64 – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: Rizone Memory Booster.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: asuite.exe – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: AutorunsDisabled (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: Facebook Messenger.lnk = Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: procexp64 – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: Rizone Memory Booster.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe (User 'Karol')
O4 - Startup: Rizone Memory Booster.lnk = ?
O4 - Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe
O8 - Extra context menu item: Download current page with FreshWebSuction - file://C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\FreshWebmaster\FreshWebSuction\obiectx_all.htm
O8 - Extra context menu item: Download using FreshWebSuction - file://C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\FreshWebmaster\FreshWebSuction\obiectx.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MYPROG~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MYPROG~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s Mipony - file://C:\Program Files (x86)\MY PROGRAM FILES (x86)\Downloaders\MiPony\Browser\IEContext.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll C:\windows\SysWOW64\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Programs Manager Service (CPMService) - Unknown owner - C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 15094 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe"
winlogon.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\system32\Hpservice.exe
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe"
C:\windows\system32\vcsFPService.exe
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 26716704
\??\C:\windows\system32\conhost.exe "-863816670814510787-768208675-872595195-513377295-6109123831344586769-648274618
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3876
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\windows\system32\StikyNot.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\sppsvc.exe
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
"C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe"
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe" /nogui
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe" /smin
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe"
"C:\Users\freekarol\My Software\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2722712566-590643248-4265252878-1002Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2722712566-590643248-4265252878-1002UA.job
C:\windows\tasks\update-S-1-5-21-2722712566-590643248-4265252878-1001.job
C:\windows\tasks\update-sys.job
=========Mozilla firefox=========
ProfilePath - C:\Users\freekarol\AppData\Roaming\Mozilla\Firefox\Profiles\wh6tcftn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\MY PROGRAM FILES (X86)\DOCS\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\LSNPAPI]
"Description"=
"Path"=C:\Program Files (x86)\nplightshot\3.2.0.0\npLightshot.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\MY PROGRAM FILES\Security\Antivir\aswWebRepIE64.dll [2012-07-03 1387952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-05-14 987928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
PDFXChange 2012 - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2012-05-07 418912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-02 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-02 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}]
WinToFlash Suggestor - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25 281424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-05-14 863512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"COMODO Internet Security"=C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-11 1128448]
"BCSSync"=C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\BCSSync.exe [2010-01-21 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe [2012-06-17 694032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_Plugin.exe [2013-02-10 699248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DjVu Printer Pilot virtual printer agent]
C:\Program Files\MY PROGRAM FILES\DjVu Printer Pilot\djvpagent.exe [2010-11-12 116736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\windows\system32\Macromed\Flash\FlashUtil64_11_5_502_110_Plugin.exe -update plugin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Users\freekarol\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamgui.exe [2012-12-14 512360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManicTime]
C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\ManicTime\ManicTime.exe [2012-10-24 249688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\PROGRA~2\MYPROG~1\IMS~1\Yahoo\Messenger\YahooMessenger.exe -quiet []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\MSOSYNC.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-04-22 658424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KillSkypeHome.lnk]
C:\Users\freekarol\Downloads\KillSkypeHome.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MYPROG~1\VIRTUA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
C:\PROGRA~2\MYPROG~1\IMS~1\MULTIS~1\MULTIS~1.EXE [2011-06-13 114176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\ONENOTEM.EXE [2010-01-21 243072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-14 318520]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
"avast"=C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe [2012-07-03 4273976]
"ASuite"=C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe [2008-05-24 504320]
C:\Users\freekarol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rizone Memory Booster.lnk - C:\Users\Karol\Software\Portable Programs\32\Údržba\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
taskmgr – zástupce.lnk - C:\Windows\System32\taskmgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-14 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-14 02:57:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-02-14 02:57:26 ----A---- C:\windows\system32\mshtmled.dll
2013-02-14 02:57:24 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-02-14 02:57:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-02-14 02:57:23 ----A---- C:\windows\system32\ieui.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\url.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-02-14 02:57:22 ----A---- C:\windows\system32\ieUnatt.exe
2013-02-14 02:57:21 ----A---- C:\windows\system32\url.dll
2013-02-14 02:57:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-02-14 02:57:19 ----A---- C:\windows\system32\urlmon.dll
2013-02-14 02:57:17 ----A---- C:\windows\system32\jscript9.dll
2013-02-14 02:57:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-02-14 02:57:16 ----A---- C:\windows\system32\msfeeds.dll
2013-02-14 02:57:14 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-02-14 02:57:12 ----A---- C:\windows\system32\wininet.dll
2013-02-14 02:57:11 ----A---- C:\windows\system32\jsproxy.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-02-14 02:57:09 ----A---- C:\windows\system32\vbscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\jscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\iertutil.dll
2013-02-14 02:57:07 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-02-14 02:57:04 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-02-14 02:56:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-02-14 02:56:54 ----A---- C:\windows\system32\mshtml.dll
2013-02-14 02:56:52 ----A---- C:\windows\system32\ieframe.dll
2013-02-14 02:56:50 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-02-13 21:43:47 ----A---- C:\windows\system32\ntoskrnl.exe
2013-02-13 21:43:46 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:43:44 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:43:29 ----A---- C:\windows\system32\win32k.sys
2013-02-13 21:43:24 ----A---- C:\windows\system32\winsrv.dll
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:43:22 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-02-13 21:43:21 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-02-13 21:43:10 ----A---- C:\windows\SYSWOW64\user.exe
2013-02-13 21:43:08 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-02-13 21:43:06 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:00:45 ----D---- C:\Program Files (x86)\WebReader
2013-02-13 15:55:33 ----D---- C:\Program Files (x86)\Desktop Google Reader
2013-02-13 15:51:13 ----D---- C:\Program Files (x86)\Readefine
2013-02-11 16:01:45 ----D---- C:\Users\freekarol\AppData\Roaming\SpeedProject
2013-02-11 16:01:37 ----D---- C:\Program Files\SpeedProject
2013-02-07 19:25:00 ----D---- C:\rsit
2013-02-06 13:43:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-05 21:43:49 ----D---- C:\Users\freekarol\AppData\Roaming\Ashampoo
2013-02-02 23:28:50 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\java.exe
2013-02-02 23:27:29 ----D---- C:\Program Files (x86)\Java
2013-02-01 12:27:56 ----D---- C:\Users\freekarol\AppData\Roaming\Maxthon3
2013-01-29 20:33:56 ----D---- C:\Program Files (x86)\Anki
2013-01-29 19:41:46 ----D---- C:\Program Files\MediaInfo
2013-01-29 15:03:46 ----D---- C:\FFOutput
2013-01-29 15:02:22 ----D---- C:\Program Files (x86)\FreeTime
2013-01-29 14:47:40 ----D---- C:\Program Files\Avidemux 2.6
2013-01-20 11:55:01 ----D---- C:\Program Files (x86)\Portable
2013-01-19 14:36:01 ----D---- C:\ProgramData\vTFind
======List of files/folders modified in the last 1 month======
2013-02-18 20:43:35 ----D---- C:\Program Files\trend micro
2013-02-18 20:38:46 ----D---- C:\windows\temp
2013-02-18 20:37:04 ----D---- C:\Windows
2013-02-18 20:36:44 ----D---- C:\windows\system32\config
2013-02-18 20:31:36 ----D---- C:\windows\Prefetch
2013-02-18 20:26:30 ----D---- C:\windows\system32\catroot2
2013-02-14 23:17:29 ----D---- C:\ProgramData
2013-02-14 14:30:01 ----RSD---- C:\windows\assembly
2013-02-14 14:30:01 ----D---- C:\windows\Microsoft.NET
2013-02-14 03:20:19 ----D---- C:\windows\winsxs
2013-02-14 03:15:28 ----D---- C:\windows\SysWOW64
2013-02-14 03:15:28 ----D---- C:\windows\System32
2013-02-14 03:15:26 ----D---- C:\windows\AppPatch
2013-02-14 03:15:24 ----D---- C:\windows\SYSWOW64\migration
2013-02-14 03:15:24 ----D---- C:\windows\system32\drivers
2013-02-14 03:15:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 03:15:23 ----D---- C:\windows\system32\migration
2013-02-14 03:15:22 ----D---- C:\Program Files\Internet Explorer
2013-02-14 03:08:10 ----D---- C:\windows\debug
2013-02-14 03:08:06 ----A---- C:\windows\system32\MRT.exe
2013-02-14 03:07:57 ----SHD---- C:\windows\Installer
2013-02-14 03:07:57 ----D---- C:\Config.Msi
2013-02-14 03:07:54 ----D---- C:\ProgramData\Microsoft Help
2013-02-14 03:03:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-02-14 03:03:46 ----D---- C:\windows\inf
2013-02-14 03:00:24 ----D---- C:\windows\system32\catroot
2013-02-14 02:58:15 ----SHD---- C:\System Volume Information
2013-02-13 16:00:45 ----D---- C:\Program Files (x86)
2013-02-13 15:51:09 ----D---- C:\Users\freekarol\AppData\Roaming\Adobe
2013-02-12 19:32:31 ----D---- C:\windows\SYSWOW64\Adobe
2013-02-11 16:01:37 ----RD---- C:\Program Files
2013-02-10 10:22:36 ----D---- C:\windows\Tasks
2013-02-10 10:22:36 ----D---- C:\windows\system32\Tasks
2013-02-10 10:22:25 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-02-08 20:34:34 ----D---- C:\Program Files\Opera x64
2013-02-08 20:34:34 ----D---- C:\Program Files (x86)\Opera x64
2013-02-07 19:18:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\deployJava1.dll
2013-01-30 11:13:36 ----D---- C:\windows\Minidump
2013-01-30 11:10:04 ----RD---- C:\Program Files (x86)\Skype
2013-01-30 11:10:01 ----D---- C:\ProgramData\Skype
2013-01-30 11:07:08 ----D---- C:\Program Files\Common Files
2013-01-25 14:55:30 ----AD---- C:\ProgramData\TEMP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 cumon;cumon; C:\windows\system32\drivers\cumon.sys [2011-09-05 205512]
R0 Evdd;evdd; C:\windows\system32\drivers\evdd.sys [2011-09-05 19568]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-05 30008]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 ElRawDisk;ElRawDisk; \??\C:\windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASKUTIL64.SYS [2011-07-12 12368]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-05 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieDrv.sys [2012-06-17 166576]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-04-04 2614520]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-05-11 523264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 vmci;VMware VMCI Bus Driver; C:\windows\system32\DRIVERS\vmci.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-07 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe [2012-07-03 44808]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CPMService;COMODO Programs Manager Service; C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe [2011-09-05 116032]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-22 103992]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-14 317496]
R2 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-22 818232]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-05 30520]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 SbieSvc;Sandboxie Service; C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe [2012-06-17 98576]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-11 301056]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
S3 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-06 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S4 !SASCORE;SAS Core Service; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASCORE64.EXE [2012-07-11 140672]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-10 194032]
S4 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-03-18 132152]
S4 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
S4 MBAMService;MBAMService; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S4 MsgPlusService;Messenger Plus! Service; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-07-25 119808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-04-22 1128952]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
-----------------EOF-----------------
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll C:\windows\SysWOW64\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Programs Manager Service (CPMService) - Unknown owner - C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 15094 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe"
winlogon.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\system32\Hpservice.exe
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe"
C:\windows\system32\vcsFPService.exe
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 26716704
\??\C:\windows\system32\conhost.exe "-863816670814510787-768208675-872595195-513377295-6109123831344586769-648274618
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3876
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\windows\system32\StikyNot.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\sppsvc.exe
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
"C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe"
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe" /nogui
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe" /smin
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe"
"C:\Users\freekarol\My Software\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2722712566-590643248-4265252878-1002Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2722712566-590643248-4265252878-1002UA.job
C:\windows\tasks\update-S-1-5-21-2722712566-590643248-4265252878-1001.job
C:\windows\tasks\update-sys.job
=========Mozilla firefox=========
ProfilePath - C:\Users\freekarol\AppData\Roaming\Mozilla\Firefox\Profiles\wh6tcftn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\MY PROGRAM FILES (X86)\DOCS\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\LSNPAPI]
"Description"=
"Path"=C:\Program Files (x86)\nplightshot\3.2.0.0\npLightshot.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\MY PROGRAM FILES\Security\Antivir\aswWebRepIE64.dll [2012-07-03 1387952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-05-14 987928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
PDFXChange 2012 - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2012-05-07 418912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-02 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-02 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}]
WinToFlash Suggestor - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25 281424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-05-14 863512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"COMODO Internet Security"=C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-11 1128448]
"BCSSync"=C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\BCSSync.exe [2010-01-21 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe [2012-06-17 694032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_Plugin.exe [2013-02-10 699248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DjVu Printer Pilot virtual printer agent]
C:\Program Files\MY PROGRAM FILES\DjVu Printer Pilot\djvpagent.exe [2010-11-12 116736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\windows\system32\Macromed\Flash\FlashUtil64_11_5_502_110_Plugin.exe -update plugin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Users\freekarol\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamgui.exe [2012-12-14 512360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManicTime]
C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\ManicTime\ManicTime.exe [2012-10-24 249688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\PROGRA~2\MYPROG~1\IMS~1\Yahoo\Messenger\YahooMessenger.exe -quiet []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\MSOSYNC.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-04-22 658424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KillSkypeHome.lnk]
C:\Users\freekarol\Downloads\KillSkypeHome.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MYPROG~1\VIRTUA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
C:\PROGRA~2\MYPROG~1\IMS~1\MULTIS~1\MULTIS~1.EXE [2011-06-13 114176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\ONENOTEM.EXE [2010-01-21 243072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-14 318520]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
"avast"=C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe [2012-07-03 4273976]
"ASuite"=C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe [2008-05-24 504320]
C:\Users\freekarol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rizone Memory Booster.lnk - C:\Users\Karol\Software\Portable Programs\32\Údržba\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
taskmgr – zástupce.lnk - C:\Windows\System32\taskmgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-14 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-14 02:57:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-02-14 02:57:26 ----A---- C:\windows\system32\mshtmled.dll
2013-02-14 02:57:24 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-02-14 02:57:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-02-14 02:57:23 ----A---- C:\windows\system32\ieui.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\url.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-02-14 02:57:22 ----A---- C:\windows\system32\ieUnatt.exe
2013-02-14 02:57:21 ----A---- C:\windows\system32\url.dll
2013-02-14 02:57:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-02-14 02:57:19 ----A---- C:\windows\system32\urlmon.dll
2013-02-14 02:57:17 ----A---- C:\windows\system32\jscript9.dll
2013-02-14 02:57:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-02-14 02:57:16 ----A---- C:\windows\system32\msfeeds.dll
2013-02-14 02:57:14 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-02-14 02:57:12 ----A---- C:\windows\system32\wininet.dll
2013-02-14 02:57:11 ----A---- C:\windows\system32\jsproxy.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-02-14 02:57:09 ----A---- C:\windows\system32\vbscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\jscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\iertutil.dll
2013-02-14 02:57:07 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-02-14 02:57:04 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-02-14 02:56:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-02-14 02:56:54 ----A---- C:\windows\system32\mshtml.dll
2013-02-14 02:56:52 ----A---- C:\windows\system32\ieframe.dll
2013-02-14 02:56:50 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-02-13 21:43:47 ----A---- C:\windows\system32\ntoskrnl.exe
2013-02-13 21:43:46 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:43:44 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:43:29 ----A---- C:\windows\system32\win32k.sys
2013-02-13 21:43:24 ----A---- C:\windows\system32\winsrv.dll
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:43:22 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-02-13 21:43:21 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-02-13 21:43:10 ----A---- C:\windows\SYSWOW64\user.exe
2013-02-13 21:43:08 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-02-13 21:43:06 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:00:45 ----D---- C:\Program Files (x86)\WebReader
2013-02-13 15:55:33 ----D---- C:\Program Files (x86)\Desktop Google Reader
2013-02-13 15:51:13 ----D---- C:\Program Files (x86)\Readefine
2013-02-11 16:01:45 ----D---- C:\Users\freekarol\AppData\Roaming\SpeedProject
2013-02-11 16:01:37 ----D---- C:\Program Files\SpeedProject
2013-02-07 19:25:00 ----D---- C:\rsit
2013-02-06 13:43:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-05 21:43:49 ----D---- C:\Users\freekarol\AppData\Roaming\Ashampoo
2013-02-02 23:28:50 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\java.exe
2013-02-02 23:27:29 ----D---- C:\Program Files (x86)\Java
2013-02-01 12:27:56 ----D---- C:\Users\freekarol\AppData\Roaming\Maxthon3
2013-01-29 20:33:56 ----D---- C:\Program Files (x86)\Anki
2013-01-29 19:41:46 ----D---- C:\Program Files\MediaInfo
2013-01-29 15:03:46 ----D---- C:\FFOutput
2013-01-29 15:02:22 ----D---- C:\Program Files (x86)\FreeTime
2013-01-29 14:47:40 ----D---- C:\Program Files\Avidemux 2.6
2013-01-20 11:55:01 ----D---- C:\Program Files (x86)\Portable
2013-01-19 14:36:01 ----D---- C:\ProgramData\vTFind
======List of files/folders modified in the last 1 month======
2013-02-18 20:43:35 ----D---- C:\Program Files\trend micro
2013-02-18 20:38:46 ----D---- C:\windows\temp
2013-02-18 20:37:04 ----D---- C:\Windows
2013-02-18 20:36:44 ----D---- C:\windows\system32\config
2013-02-18 20:31:36 ----D---- C:\windows\Prefetch
2013-02-18 20:26:30 ----D---- C:\windows\system32\catroot2
2013-02-14 23:17:29 ----D---- C:\ProgramData
2013-02-14 14:30:01 ----RSD---- C:\windows\assembly
2013-02-14 14:30:01 ----D---- C:\windows\Microsoft.NET
2013-02-14 03:20:19 ----D---- C:\windows\winsxs
2013-02-14 03:15:28 ----D---- C:\windows\SysWOW64
2013-02-14 03:15:28 ----D---- C:\windows\System32
2013-02-14 03:15:26 ----D---- C:\windows\AppPatch
2013-02-14 03:15:24 ----D---- C:\windows\SYSWOW64\migration
2013-02-14 03:15:24 ----D---- C:\windows\system32\drivers
2013-02-14 03:15:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 03:15:23 ----D---- C:\windows\system32\migration
2013-02-14 03:15:22 ----D---- C:\Program Files\Internet Explorer
2013-02-14 03:08:10 ----D---- C:\windows\debug
2013-02-14 03:08:06 ----A---- C:\windows\system32\MRT.exe
2013-02-14 03:07:57 ----SHD---- C:\windows\Installer
2013-02-14 03:07:57 ----D---- C:\Config.Msi
2013-02-14 03:07:54 ----D---- C:\ProgramData\Microsoft Help
2013-02-14 03:03:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-02-14 03:03:46 ----D---- C:\windows\inf
2013-02-14 03:00:24 ----D---- C:\windows\system32\catroot
2013-02-14 02:58:15 ----SHD---- C:\System Volume Information
2013-02-13 16:00:45 ----D---- C:\Program Files (x86)
2013-02-13 15:51:09 ----D---- C:\Users\freekarol\AppData\Roaming\Adobe
2013-02-12 19:32:31 ----D---- C:\windows\SYSWOW64\Adobe
2013-02-11 16:01:37 ----RD---- C:\Program Files
2013-02-10 10:22:36 ----D---- C:\windows\Tasks
2013-02-10 10:22:36 ----D---- C:\windows\system32\Tasks
2013-02-10 10:22:25 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-02-08 20:34:34 ----D---- C:\Program Files\Opera x64
2013-02-08 20:34:34 ----D---- C:\Program Files (x86)\Opera x64
2013-02-07 19:18:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\deployJava1.dll
2013-01-30 11:13:36 ----D---- C:\windows\Minidump
2013-01-30 11:10:04 ----RD---- C:\Program Files (x86)\Skype
2013-01-30 11:10:01 ----D---- C:\ProgramData\Skype
2013-01-30 11:07:08 ----D---- C:\Program Files\Common Files
2013-01-25 14:55:30 ----AD---- C:\ProgramData\TEMP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 cumon;cumon; C:\windows\system32\drivers\cumon.sys [2011-09-05 205512]
R0 Evdd;evdd; C:\windows\system32\drivers\evdd.sys [2011-09-05 19568]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-05 30008]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 ElRawDisk;ElRawDisk; \??\C:\windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASKUTIL64.SYS [2011-07-12 12368]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-05 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieDrv.sys [2012-06-17 166576]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-04-04 2614520]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-05-11 523264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 vmci;VMware VMCI Bus Driver; C:\windows\system32\DRIVERS\vmci.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-07 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe [2012-07-03 44808]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CPMService;COMODO Programs Manager Service; C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe [2011-09-05 116032]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-22 103992]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-14 317496]
R2 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-22 818232]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-05 30520]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 SbieSvc;Sandboxie Service; C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe [2012-06-17 98576]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-11 301056]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
S3 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-06 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S4 !SASCORE;SAS Core Service; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASCORE64.EXE [2012-07-11 140672]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-10 194032]
S4 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-03-18 132152]
S4 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
S4 MBAMService;MBAMService; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S4 MsgPlusService;Messenger Plus! Service; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-07-25 119808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-04-22 1128952]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\Karol\AppData\Local\Facebook\Update
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2722712566-590643248-4265252878-1002Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2722712566-590643248-4265252878-1002UA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check
Done, here is the log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by freekarol at 2013-02-20 10:59:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 114 GB (19%) free of 590 GB
Total RAM: 3552 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:45, on 20.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe
C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe
C:\Program Files\trend micro\freekarol.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PXCIEaddin5 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ASuite] C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [SandboxieControl] "C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe" (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Facebook Update] "C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: asuite.exe – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: AutorunsDisabled (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: Facebook Messenger.lnk = Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: procexp64 – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: Rizone Memory Booster.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: asuite.exe – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: AutorunsDisabled (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: Facebook Messenger.lnk = Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: procexp64 – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: Rizone Memory Booster.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe (User 'Karol')
O4 - Startup: Rizone Memory Booster.lnk = ?
O4 - Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe
O8 - Extra context menu item: Download current page with FreshWebSuction - file://C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\FreshWebmaster\FreshWebSuction\obiectx_all.htm
O8 - Extra context menu item: Download using FreshWebSuction - file://C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\FreshWebmaster\FreshWebSuction\obiectx.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MYPROG~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MYPROG~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s Mipony - file://C:\Program Files (x86)\MY PROGRAM FILES (x86)\Downloaders\MiPony\Browser\IEContext.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll C:\windows\SysWOW64\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Programs Manager Service (CPMService) - Unknown owner - C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 14848 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe"
C:\windows\system32\vcsFPService.exe
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 30252256
\??\C:\windows\system32\conhost.exe "-142968200452073239-362503544-1470414881570346983-73063299-638096995-1203065619
C:\windows\System32\spoolsv.exe
taskeng.exe {15E99CC7-3D10-4CBD-B7E5-D98BDA5E5344}
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3488
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"C:\windows\system32\Dwm.exe"
"taskhost.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe"
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe" /smin
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\freekarol\My Software\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\update-S-1-5-21-2722712566-590643248-4265252878-1001.job
C:\windows\tasks\update-sys.job
=========Mozilla firefox=========
ProfilePath - C:\Users\freekarol\AppData\Roaming\Mozilla\Firefox\Profiles\wh6tcftn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\MY PROGRAM FILES (X86)\DOCS\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\LSNPAPI]
"Description"=
"Path"=C:\Program Files (x86)\nplightshot\3.2.0.0\npLightshot.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\MY PROGRAM FILES\Security\Antivir\aswWebRepIE64.dll [2012-07-03 1387952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-05-14 987928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
PDFXChange 2012 - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2012-05-07 418912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-02 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-02 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}]
WinToFlash Suggestor - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25 281424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-05-14 863512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"COMODO Internet Security"=C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-11 1128448]
"BCSSync"=C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\BCSSync.exe [2010-01-21 112512]
"AutoKMS"=C:\windows\AutoKMS.exe [2013-01-21 615936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe [2012-06-17 694032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DjVu Printer Pilot virtual printer agent]
C:\Program Files\MY PROGRAM FILES\DjVu Printer Pilot\djvpagent.exe [2010-11-12 116736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\windows\system32\Macromed\Flash\FlashUtil64_11_5_502_110_Plugin.exe -update plugin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Users\freekarol\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamgui.exe [2012-12-14 512360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManicTime]
C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\ManicTime\ManicTime.exe [2012-10-24 249688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\PROGRA~2\MYPROG~1\IMS~1\Yahoo\Messenger\YahooMessenger.exe -quiet []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\MSOSYNC.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-04-22 658424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KillSkypeHome.lnk]
C:\Users\freekarol\Downloads\KillSkypeHome.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MYPROG~1\VIRTUA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
C:\PROGRA~2\MYPROG~1\IMS~1\MULTIS~1\MULTIS~1.EXE [2011-06-13 114176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\ONENOTEM.EXE [2010-01-21 243072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-14 318520]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
"avast"=C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe [2012-07-03 4273976]
"ASuite"=C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe [2008-05-24 504320]
C:\Users\freekarol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rizone Memory Booster.lnk - C:\Users\Karol\Software\Portable Programs\32\Údržba\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
taskmgr – zástupce.lnk - C:\Windows\System32\taskmgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-14 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-20 10:42:48 ----D---- C:\_OTM
2013-02-19 23:21:38 ----D---- C:\Users\freekarol\AppData\Roaming\SPlayer
2013-02-19 22:01:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-14 02:57:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-02-14 02:57:26 ----A---- C:\windows\system32\mshtmled.dll
2013-02-14 02:57:24 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-02-14 02:57:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-02-14 02:57:23 ----A---- C:\windows\system32\ieui.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\url.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-02-14 02:57:22 ----A---- C:\windows\system32\ieUnatt.exe
2013-02-14 02:57:21 ----A---- C:\windows\system32\url.dll
2013-02-14 02:57:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-02-14 02:57:19 ----A---- C:\windows\system32\urlmon.dll
2013-02-14 02:57:17 ----A---- C:\windows\system32\jscript9.dll
2013-02-14 02:57:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-02-14 02:57:16 ----A---- C:\windows\system32\msfeeds.dll
2013-02-14 02:57:14 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-02-14 02:57:12 ----A---- C:\windows\system32\wininet.dll
2013-02-14 02:57:11 ----A---- C:\windows\system32\jsproxy.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-02-14 02:57:09 ----A---- C:\windows\system32\vbscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\jscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\iertutil.dll
2013-02-14 02:57:07 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-02-14 02:57:04 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-02-14 02:56:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-02-14 02:56:54 ----A---- C:\windows\system32\mshtml.dll
2013-02-14 02:56:52 ----A---- C:\windows\system32\ieframe.dll
2013-02-14 02:56:50 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-02-13 21:43:47 ----A---- C:\windows\system32\ntoskrnl.exe
2013-02-13 21:43:46 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:43:44 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:43:29 ----A---- C:\windows\system32\win32k.sys
2013-02-13 21:43:24 ----A---- C:\windows\system32\winsrv.dll
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:43:22 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-02-13 21:43:21 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-02-13 21:43:10 ----A---- C:\windows\SYSWOW64\user.exe
2013-02-13 21:43:08 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-02-13 21:43:06 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:00:45 ----D---- C:\Program Files (x86)\WebReader
2013-02-13 15:55:33 ----D---- C:\Program Files (x86)\Desktop Google Reader
2013-02-13 15:51:13 ----D---- C:\Program Files (x86)\Readefine
2013-02-11 16:01:45 ----D---- C:\Users\freekarol\AppData\Roaming\SpeedProject
2013-02-11 16:01:37 ----D---- C:\Program Files\SpeedProject
2013-02-07 19:25:00 ----D---- C:\rsit
2013-02-05 21:43:49 ----D---- C:\Users\freekarol\AppData\Roaming\Ashampoo
2013-02-02 23:28:50 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\java.exe
2013-02-02 23:27:29 ----D---- C:\Program Files (x86)\Java
2013-02-01 12:27:56 ----D---- C:\Users\freekarol\AppData\Roaming\Maxthon3
2013-01-29 20:33:56 ----D---- C:\Program Files (x86)\Anki
2013-01-29 19:41:46 ----D---- C:\Program Files\MediaInfo
2013-01-29 15:03:46 ----D---- C:\FFOutput
2013-01-29 15:02:22 ----D---- C:\Program Files (x86)\FreeTime
2013-01-29 14:47:40 ----D---- C:\Program Files\Avidemux 2.6
2013-01-21 01:21:42 ----A---- C:\windows\AutoKMS.exe
======List of files/folders modified in the last 1 month======
2013-02-20 10:59:42 ----D---- C:\Program Files\trend micro
2013-02-20 10:58:23 ----D---- C:\windows\temp
2013-02-20 10:52:53 ----D---- C:\Windows
2013-02-20 10:52:39 ----D---- C:\windows\system32\config
2013-02-20 10:47:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-20 10:45:52 ----A---- C:\windows\Sandboxie.ini
2013-02-20 10:42:51 ----D---- C:\windows\Tasks
2013-02-20 10:38:50 ----D---- C:\windows\Prefetch
2013-02-19 22:01:47 ----D---- C:\Program Files (x86)
2013-02-19 09:23:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-02-19 09:22:42 ----D---- C:\ProgramData\Adobe
2013-02-18 20:26:30 ----D---- C:\windows\system32\catroot2
2013-02-14 23:17:29 ----D---- C:\ProgramData
2013-02-14 14:30:01 ----RSD---- C:\windows\assembly
2013-02-14 14:30:01 ----D---- C:\windows\Microsoft.NET
2013-02-14 03:20:19 ----D---- C:\windows\winsxs
2013-02-14 03:15:28 ----D---- C:\windows\SysWOW64
2013-02-14 03:15:28 ----D---- C:\windows\System32
2013-02-14 03:15:26 ----D---- C:\windows\AppPatch
2013-02-14 03:15:24 ----D---- C:\windows\SYSWOW64\migration
2013-02-14 03:15:24 ----D---- C:\windows\system32\drivers
2013-02-14 03:15:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 03:15:23 ----D---- C:\windows\system32\migration
2013-02-14 03:15:22 ----D---- C:\Program Files\Internet Explorer
2013-02-14 03:08:10 ----D---- C:\windows\debug
2013-02-14 03:08:06 ----A---- C:\windows\system32\MRT.exe
2013-02-14 03:07:57 ----SHD---- C:\windows\Installer
2013-02-14 03:07:57 ----D---- C:\Config.Msi
2013-02-14 03:07:54 ----D---- C:\ProgramData\Microsoft Help
2013-02-14 03:03:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-02-14 03:03:46 ----D---- C:\windows\inf
2013-02-14 03:00:24 ----D---- C:\windows\system32\catroot
2013-02-14 02:58:15 ----SHD---- C:\System Volume Information
2013-02-13 15:51:09 ----D---- C:\Users\freekarol\AppData\Roaming\Adobe
2013-02-12 19:32:31 ----D---- C:\windows\SYSWOW64\Adobe
2013-02-11 16:01:37 ----RD---- C:\Program Files
2013-02-10 10:22:36 ----D---- C:\windows\system32\Tasks
2013-02-08 20:34:34 ----D---- C:\Program Files\Opera x64
2013-02-08 20:34:34 ----D---- C:\Program Files (x86)\Opera x64
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\deployJava1.dll
2013-01-30 11:13:36 ----D---- C:\windows\Minidump
2013-01-30 11:10:04 ----RD---- C:\Program Files (x86)\Skype
2013-01-30 11:10:01 ----D---- C:\ProgramData\Skype
2013-01-30 11:07:08 ----D---- C:\Program Files\Common Files
2013-01-25 14:55:30 ----AD---- C:\ProgramData\TEMP
2013-01-25 14:53:06 ----D---- C:\Program Files (x86)\Portable
2013-01-21 01:21:42 ----A---- C:\windows\AutoKMS.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 cumon;cumon; C:\windows\system32\drivers\cumon.sys [2011-09-05 205512]
R0 Evdd;evdd; C:\windows\system32\drivers\evdd.sys [2011-09-05 19568]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-05 30008]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 ElRawDisk;ElRawDisk; \??\C:\windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASKUTIL64.SYS [2011-07-12 12368]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-05 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieDrv.sys [2012-06-17 166576]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-04-04 2614520]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-05-11 523264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 vmci;VMware VMCI Bus Driver; C:\windows\system32\DRIVERS\vmci.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-07 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe [2012-07-03 44808]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CPMService;COMODO Programs Manager Service; C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe [2011-09-05 116032]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-22 103992]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-14 317496]
R2 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-22 818232]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-05 30520]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 SbieSvc;Sandboxie Service; C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe [2012-06-17 98576]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-11 301056]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
S3 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-19 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S4 !SASCORE;SAS Core Service; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASCORE64.EXE [2012-07-11 140672]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-10 194032]
S4 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-03-18 132152]
S4 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
S4 MBAMService;MBAMService; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S4 MsgPlusService;Messenger Plus! Service; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-07-25 119808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-04-22 1128952]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by freekarol at 2013-02-20 10:59:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 114 GB (19%) free of 590 GB
Total RAM: 3552 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:45, on 20.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe
C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe
C:\Program Files\trend micro\freekarol.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PXCIEaddin5 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ASuite] C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [SandboxieControl] "C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe" (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (User 'Karol')
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Facebook Update] "C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: asuite.exe – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: AutorunsDisabled (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: Facebook Messenger.lnk = Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: procexp64 – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: Rizone Memory Booster.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: asuite.exe – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: AutorunsDisabled (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: Facebook Messenger.lnk = Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: procexp64 – zástupce.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: Rizone Memory Booster.lnk = Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe (User 'Karol')
O4 - S-1-5-21-2722712566-590643248-4265252878-1002 User Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe (User 'Karol')
O4 - Startup: Rizone Memory Booster.lnk = ?
O4 - Startup: taskmgr – zástupce.lnk = C:\Windows\System32\taskmgr.exe
O8 - Extra context menu item: Download current page with FreshWebSuction - file://C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\FreshWebmaster\FreshWebSuction\obiectx_all.htm
O8 - Extra context menu item: Download using FreshWebSuction - file://C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\FreshWebmaster\FreshWebSuction\obiectx.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MYPROG~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MYPROG~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s Mipony - file://C:\Program Files (x86)\MY PROGRAM FILES (x86)\Downloaders\MiPony\Browser\IEContext.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll C:\windows\SysWOW64\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Programs Manager Service (CPMService) - Unknown owner - C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
--
End of file - 14848 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe"
C:\windows\system32\vcsFPService.exe
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 30252256
\??\C:\windows\system32\conhost.exe "-142968200452073239-362503544-1470414881570346983-73063299-638096995-1203065619
C:\windows\System32\spoolsv.exe
taskeng.exe {15E99CC7-3D10-4CBD-B7E5-D98BDA5E5344}
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3488
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"C:\windows\system32\Dwm.exe"
"taskhost.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Users\Karol\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe"
"C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastUI.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Task Managers\ProcessExplorer\procexp64.exe"
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe" /smin
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\File Management\searchers\Everything-1.2.1.371\Everything-1.2.1.371.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\freekarol\My Software\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\update-S-1-5-21-2722712566-590643248-4265252878-1001.job
C:\windows\tasks\update-sys.job
=========Mozilla firefox=========
ProfilePath - C:\Users\freekarol\AppData\Roaming\Mozilla\Firefox\Profiles\wh6tcftn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\MY PROGRAM FILES (X86)\DOCS\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files (x86)\MY PROGRAM FILES (x86)\Codecs\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\LSNPAPI]
"Description"=
"Path"=C:\Program Files (x86)\nplightshot\3.2.0.0\npLightshot.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\MY PROGRAM FILES\Security\Antivir\aswWebRepIE64.dll [2012-07-03 1387952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-05-14 987928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
PDFXChange 2012 - C:\Program Files\MY PROGRAM FILES\Docs\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2012-05-07 418912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-02 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-02 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}]
WinToFlash Suggestor - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25 281424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-05-14 863512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-05-10 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-05-10 379552]
"COMODO Internet Security"=C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-11 1128448]
"BCSSync"=C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\BCSSync.exe [2010-01-21 112512]
"AutoKMS"=C:\windows\AutoKMS.exe [2013-01-21 615936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieCtrl.exe [2012-06-17 694032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DjVu Printer Pilot virtual printer agent]
C:\Program Files\MY PROGRAM FILES\DjVu Printer Pilot\djvpagent.exe [2010-11-12 116736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\windows\system32\Macromed\Flash\FlashUtil64_11_5_502_110_Plugin.exe -update plugin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Users\freekarol\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-21 169528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamgui.exe [2012-12-14 512360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManicTime]
C:\Sandbox\Karol\DefaultBox\drive\C\Program Files (x86)\ManicTime\ManicTime.exe [2012-10-24 249688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\PROGRA~2\MYPROG~1\IMS~1\Yahoo\Messenger\YahooMessenger.exe -quiet []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-05-24 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\MSOSYNC.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-04-22 658424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KillSkypeHome.lnk]
C:\Users\freekarol\Downloads\KillSkypeHome.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MYPROG~1\VIRTUA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
C:\PROGRA~2\MYPROG~1\IMS~1\MULTIS~1\MULTIS~1.EXE [2011-06-13 114176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^freekarol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\ONENOTEM.EXE [2010-01-21 243072]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-14 318520]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
"avast"=C:\Program Files\MY PROGRAM FILES\Security\Antivir\avastUI.exe [2012-07-03 4273976]
"ASuite"=C:\Users\Karol\MY DATA\Archive\1.Extensions\Software\Portable Programs\32\Portable Starts\asuite1512\asuite.exe [2008-05-24 504320]
C:\Users\freekarol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rizone Memory Booster.lnk - C:\Users\Karol\Software\Portable Programs\32\Údržba\RAM\memBoost-1-7-9-1798\memBoost-1-7-9-1798\memBoost.exe
taskmgr – zástupce.lnk - C:\Windows\System32\taskmgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-14 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MYPROG~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-02-20 10:42:48 ----D---- C:\_OTM
2013-02-19 23:21:38 ----D---- C:\Users\freekarol\AppData\Roaming\SPlayer
2013-02-19 22:01:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-14 02:57:26 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-02-14 02:57:26 ----A---- C:\windows\system32\mshtmled.dll
2013-02-14 02:57:24 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-02-14 02:57:23 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-02-14 02:57:23 ----A---- C:\windows\system32\ieui.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\url.dll
2013-02-14 02:57:22 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-02-14 02:57:22 ----A---- C:\windows\system32\ieUnatt.exe
2013-02-14 02:57:21 ----A---- C:\windows\system32\url.dll
2013-02-14 02:57:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-02-14 02:57:19 ----A---- C:\windows\system32\urlmon.dll
2013-02-14 02:57:17 ----A---- C:\windows\system32\jscript9.dll
2013-02-14 02:57:16 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-02-14 02:57:16 ----A---- C:\windows\system32\msfeeds.dll
2013-02-14 02:57:14 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-02-14 02:57:12 ----A---- C:\windows\system32\wininet.dll
2013-02-14 02:57:11 ----A---- C:\windows\system32\jsproxy.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-02-14 02:57:10 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-02-14 02:57:09 ----A---- C:\windows\system32\vbscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\jscript.dll
2013-02-14 02:57:08 ----A---- C:\windows\system32\iertutil.dll
2013-02-14 02:57:07 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-02-14 02:57:04 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-02-14 02:56:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-02-14 02:56:54 ----A---- C:\windows\system32\mshtml.dll
2013-02-14 02:56:52 ----A---- C:\windows\system32\ieframe.dll
2013-02-14 02:56:50 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-02-13 21:43:47 ----A---- C:\windows\system32\ntoskrnl.exe
2013-02-13 21:43:46 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-02-13 21:43:44 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-02-13 21:43:29 ----A---- C:\windows\system32\win32k.sys
2013-02-13 21:43:24 ----A---- C:\windows\system32\winsrv.dll
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-02-13 21:43:23 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-02-13 21:43:22 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-02-13 21:43:21 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-02-13 21:43:10 ----A---- C:\windows\SYSWOW64\user.exe
2013-02-13 21:43:08 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-02-13 21:43:06 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 16:00:45 ----D---- C:\Program Files (x86)\WebReader
2013-02-13 15:55:33 ----D---- C:\Program Files (x86)\Desktop Google Reader
2013-02-13 15:51:13 ----D---- C:\Program Files (x86)\Readefine
2013-02-11 16:01:45 ----D---- C:\Users\freekarol\AppData\Roaming\SpeedProject
2013-02-11 16:01:37 ----D---- C:\Program Files\SpeedProject
2013-02-07 19:25:00 ----D---- C:\rsit
2013-02-05 21:43:49 ----D---- C:\Users\freekarol\AppData\Roaming\Ashampoo
2013-02-02 23:28:50 ----A---- C:\windows\SYSWOW64\javaws.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\javaw.exe
2013-02-02 23:28:05 ----A---- C:\windows\SYSWOW64\java.exe
2013-02-02 23:27:29 ----D---- C:\Program Files (x86)\Java
2013-02-01 12:27:56 ----D---- C:\Users\freekarol\AppData\Roaming\Maxthon3
2013-01-29 20:33:56 ----D---- C:\Program Files (x86)\Anki
2013-01-29 19:41:46 ----D---- C:\Program Files\MediaInfo
2013-01-29 15:03:46 ----D---- C:\FFOutput
2013-01-29 15:02:22 ----D---- C:\Program Files (x86)\FreeTime
2013-01-29 14:47:40 ----D---- C:\Program Files\Avidemux 2.6
2013-01-21 01:21:42 ----A---- C:\windows\AutoKMS.exe
======List of files/folders modified in the last 1 month======
2013-02-20 10:59:42 ----D---- C:\Program Files\trend micro
2013-02-20 10:58:23 ----D---- C:\windows\temp
2013-02-20 10:52:53 ----D---- C:\Windows
2013-02-20 10:52:39 ----D---- C:\windows\system32\config
2013-02-20 10:47:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-20 10:45:52 ----A---- C:\windows\Sandboxie.ini
2013-02-20 10:42:51 ----D---- C:\windows\Tasks
2013-02-20 10:38:50 ----D---- C:\windows\Prefetch
2013-02-19 22:01:47 ----D---- C:\Program Files (x86)
2013-02-19 09:23:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-02-19 09:22:42 ----D---- C:\ProgramData\Adobe
2013-02-18 20:26:30 ----D---- C:\windows\system32\catroot2
2013-02-14 23:17:29 ----D---- C:\ProgramData
2013-02-14 14:30:01 ----RSD---- C:\windows\assembly
2013-02-14 14:30:01 ----D---- C:\windows\Microsoft.NET
2013-02-14 03:20:19 ----D---- C:\windows\winsxs
2013-02-14 03:15:28 ----D---- C:\windows\SysWOW64
2013-02-14 03:15:28 ----D---- C:\windows\System32
2013-02-14 03:15:26 ----D---- C:\windows\AppPatch
2013-02-14 03:15:24 ----D---- C:\windows\SYSWOW64\migration
2013-02-14 03:15:24 ----D---- C:\windows\system32\drivers
2013-02-14 03:15:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-14 03:15:23 ----D---- C:\windows\system32\migration
2013-02-14 03:15:22 ----D---- C:\Program Files\Internet Explorer
2013-02-14 03:08:10 ----D---- C:\windows\debug
2013-02-14 03:08:06 ----A---- C:\windows\system32\MRT.exe
2013-02-14 03:07:57 ----SHD---- C:\windows\Installer
2013-02-14 03:07:57 ----D---- C:\Config.Msi
2013-02-14 03:07:54 ----D---- C:\ProgramData\Microsoft Help
2013-02-14 03:03:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-02-14 03:03:46 ----D---- C:\windows\inf
2013-02-14 03:00:24 ----D---- C:\windows\system32\catroot
2013-02-14 02:58:15 ----SHD---- C:\System Volume Information
2013-02-13 15:51:09 ----D---- C:\Users\freekarol\AppData\Roaming\Adobe
2013-02-12 19:32:31 ----D---- C:\windows\SYSWOW64\Adobe
2013-02-11 16:01:37 ----RD---- C:\Program Files
2013-02-10 10:22:36 ----D---- C:\windows\system32\Tasks
2013-02-08 20:34:34 ----D---- C:\Program Files\Opera x64
2013-02-08 20:34:34 ----D---- C:\Program Files (x86)\Opera x64
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\npDeployJava1.dll
2013-02-02 23:27:35 ----A---- C:\windows\SYSWOW64\deployJava1.dll
2013-01-30 11:13:36 ----D---- C:\windows\Minidump
2013-01-30 11:10:04 ----RD---- C:\Program Files (x86)\Skype
2013-01-30 11:10:01 ----D---- C:\ProgramData\Skype
2013-01-30 11:07:08 ----D---- C:\Program Files\Common Files
2013-01-25 14:55:30 ----AD---- C:\ProgramData\TEMP
2013-01-25 14:53:06 ----D---- C:\Program Files (x86)\Portable
2013-01-21 01:21:42 ----A---- C:\windows\AutoKMS.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2011-04-15 40064]
R0 cumon;cumon; C:\windows\system32\drivers\cumon.sys [2011-09-05 205512]
R0 Evdd;evdd; C:\windows\system32\drivers\evdd.sys [2011-09-05 19568]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-05 30008]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-05-24 158280]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 ElRawDisk;ElRawDisk; \??\C:\windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 inspect;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASKUTIL64.SYS [2011-07-12 12368]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-05 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-25 10207744]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-25 317952]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-22 2727424]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-10 29344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2011-05-14 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-03-08 174680]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-26 406632]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieDrv.sys [2012-06-17 166576]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-04-04 2614520]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2011-05-11 523264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 vmci;VMware VMCI Bus Driver; C:\windows\system32\DRIVERS\vmci.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-10 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-10 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-10 281760]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-12-07 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-10 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-05-10 80032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\MY PROGRAM FILES\Security\Antivir\AvastSvc.exe [2012-07-03 44808]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\MY PROGRAM FILES\Security\Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CPMService;COMODO Programs Manager Service; C:\Program Files\MY PROGRAM FILES\Uninstallers\Comodo Programs Manager\CPMService.exe [2011-09-05 116032]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-05-19 485712]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-03-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-22 103992]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-14 317496]
R2 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-22 818232]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-05 30520]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 SbieSvc;Sandboxie Service; C:\Program Files\MY PROGRAM FILES\Security\Sandbox\Sandboxie\SbieSvc.exe [2012-06-17 98576]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-11 301056]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-03-24 3161904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]
S3 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-19 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S4 !SASCORE;SAS Core Service; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Spyware\SAS\SASCORE64.EXE [2012-07-11 140672]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-10 194032]
S4 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-03-18 132152]
S4 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
S4 MBAMService;MBAMService; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\MY PROGRAM FILES (x86)\Security\Antivir\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-05-24 1318912]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\MY PROGRAM FILES\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S4 MsgPlusService;Messenger Plus! Service; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-07-25 119808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-04-22 1128952]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Requesting a check
Double-click the file C:\Program Files\trend micro\freekarol.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O4 - HKUS\S-1-5-21-2722712566-590643248-4265252878-1002\..\Run: [Facebook Update] "C:\Users\Karol\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Karol')
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Requesting a check
Everything was carried out successfully.
- Rudy
- Site Admin
Re: Requesting a check
Has anything changed?
Re: Requesting a check
The notebook got a little faster. Just one more question: is it normal that after the notebook starts up, the CPU load doesn't drop below 30%? Lately the fan has been quite noisy, but only when the notebook is plugged into mains power.
- Rudy
- Site Admin
Re: Requesting a check
Startup is one of the highest potential loads on the system, because not only the system starts, but also everything that starts automatically. I would consider a value of 30% acceptable. A notebook also lowers its clock speed (and thus its power consumption) when running on battery. So when you power it from the adapter, it will run at a higher clock speed, with higher consumption and therefore higher fan speed, to prevent overheating. However, it is also possible that the heatsink is clogged with dust.
Re: Requesting a check
I unplugged the notebook from the mains and took out the battery, and after that the notebook ran normally, CPU load averaging around 14%, CPU temperature 41%. And now the notebook is humming again, CPU usage around 30%, CPU temperature 60%. And I have no idea what is causing it, when the only thing using the most in Task Manager is Opera.
- Rudy
- Site Admin
Re: Requesting a check
It is probably not Opera, since it did not happen after you removed the battery. Since when is temperature given in percent? How am I supposed to understand this:
"CPU temperature 60%" ??
Those values are not at all fatal. Is it limiting you in any way?
Re: Requesting a check
So far nothing freezes or crashes; only the noise is annoying. From what I have observed, both on battery and on mains power everything initially runs as it should; only after about half an hour does the fan spin up more, and then it stays that way. Also, at notebook startup the fan no longer briefly spins up to full speed, as it usually does. And since the notebook has not been cleaned for about 8 months, it is probably giving me a sign that it needs to be done.

- Rudy
- Site Admin
Re: Requesting a check
"Also, at notebook startup the fan no longer briefly spins up to full speed, as it usually does."
This is standard on some notebooks.
Try cleaning it, install Speedfan: http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/ and check the temperature while the notebook is running. It should not permanently exceed 70°C.