Ahojte, za poslednú dobu sa mi strašne spomalil Notebook, teda predpokladám, že niečoho ho tam brzdí. Najväčšie spomalenie vidím pri bežnom surfovaní po nete, otváranie stránok, prehrávanie videí atď. ale i pri hrách nehovoriac o novších hrách ale i hry ako CS 1.6 mi sekajú (tie hry ma až tak netrápia). Posledný program, ktorý som nedávno inštaloval bol program ZoneAlarm, ale mám pocit, že to robilo už pred tým. Stalo sa mi, že mi prestal isť z ničoho nič aj zvuk a rozbehol sa až po reštarte. Prikladám log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomík at 2013-09-11 10:20:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 110 GB (40%) free of 278 GB
Total RAM: 4010 MB (77% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {E06F3401-40CA-47A0-905C-A15E6BD2F2DD}
taskeng.exe {D4064C4D-1349-4F46-9365-D2171D51A808}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
"C:\Users\Tomík\AppData\Roaming\Search Protection\SearchProtection.exe" /autostart
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5944
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe"
"C:\Users\Tomík\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default
prefs.js - "browser.startup.homepage" - "google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\extensions\
WebSiteRecommendation@weliketheweb.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\
yahoo.xml
zonealarm.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14 6311296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe [2013-06-16 28682088]
"SearchProtection"=C:\Users\Tomík\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-05-22 740712]
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2008-02-05 221696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-11 10:20:42 ----D---- C:\rsit
2013-09-11 10:20:42 ----D---- C:\Program Files\trend micro
2013-09-08 11:50:23 ----D---- C:\Users\Tomík\AppData\Roaming\The Creative Assembly
2013-09-08 11:50:20 ----D---- C:\ProgramData\Steam
2013-09-07 09:54:59 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2013-09-07 09:54:51 ----D---- C:\Users\Tomík\AppData\Roaming\Check Point Software Technologies LTD
2013-09-07 09:54:47 ----D---- C:\Program Files (x86)\CheckPoint
2013-09-07 09:54:15 ----D---- C:\ProgramData\CheckPoint
2013-08-29 22:23:16 ----D---- C:\windows\SYSWOW64\SysInfo
2013-08-22 00:03:39 ----D---- C:\windows\SYSWOW64\directx
2013-08-21 23:54:00 ----D---- C:\windows\SYSWOW64\NV
2013-08-21 23:54:00 ----D---- C:\windows\system32\NV
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvvsvc.exe
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvcr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvc64.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvshext.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvmctray.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvcpl.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshextr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshext.dll
2013-08-21 23:51:26 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2013-08-21 23:51:26 ----A---- C:\windows\system32\OpenCL.dll
2013-08-21 23:51:13 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvumdshim.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvinit.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvapi.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvwgf2umx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvumdshimx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglv64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglshim64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvinitx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvIFR64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvFBC64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispgenco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvd3dumx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvapi64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2013-08-21 23:39:11 ----D---- C:\ProgramData\Orbit
2013-08-21 23:14:34 ----D---- C:\Program Files (x86)\Ubisoft
2013-08-20 17:14:39 ----A---- C:\windows\system32\bootdelete.exe
2013-08-20 12:20:16 ----D---- C:\Program Files\HitmanPro
2013-08-20 12:20:06 ----D---- C:\ProgramData\HitmanPro
2013-08-19 08:59:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-18 22:09:37 ----A---- C:\windows\SYSWOW64\gcapi_dll.dll
2013-08-18 22:09:12 ----D---- C:\Users\Tomík\AppData\Roaming\Foxit Software
2013-08-18 22:09:08 ----D---- C:\Program Files (x86)\Foxit Software
2013-08-16 10:15:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-08-16 10:15:33 ----A---- C:\windows\system32\ieui.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iernonce.dll
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-08-16 10:15:30 ----A---- C:\windows\system32\ie4uinit.exe
2013-08-16 10:15:29 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-08-16 10:15:29 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-08-16 10:15:29 ----A---- C:\windows\system32\iesysprep.dll
2013-08-16 10:15:28 ----A---- C:\windows\system32\iertutil.dll
2013-08-16 10:15:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-08-16 10:15:25 ----A---- C:\windows\system32\msfeeds.dll
2013-08-16 10:15:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-08-16 10:15:24 ----A---- C:\windows\system32\jscript.dll
2013-08-16 10:15:23 ----A---- C:\windows\system32\jscript9.dll
2013-08-16 10:15:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-08-16 10:15:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-08-16 10:15:20 ----A---- C:\windows\system32\urlmon.dll
2013-08-16 10:15:18 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-08-16 10:15:18 ----A---- C:\windows\system32\jsproxy.dll
2013-08-16 10:15:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-08-16 10:15:16 ----A---- C:\windows\system32\wininet.dll
2013-08-16 10:15:14 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-08-16 10:15:12 ----A---- C:\windows\system32\ieframe.dll
2013-08-16 10:15:10 ----A---- C:\windows\system32\mshtml.dll
2013-08-16 10:15:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-08-15 17:45:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-08-15 17:45:11 ----A---- C:\windows\system32\crypt32.dll
2013-08-15 17:45:10 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-08-15 17:45:10 ----A---- C:\windows\system32\wintrust.dll
2013-08-15 17:45:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2013-08-15 17:45:08 ----A---- C:\windows\system32\cryptsvc.dll
2013-08-15 17:45:05 ----A---- C:\windows\system32\cryptnet.dll
2013-08-15 17:45:04 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2013-08-15 17:44:57 ----A---- C:\windows\system32\tzres.dll
2013-08-15 17:44:56 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-08-15 17:44:52 ----A---- C:\windows\system32\WMVDECOD.DLL
2013-08-15 17:44:51 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2013-08-15 17:44:50 ----A---- C:\windows\system32\rpcrt4.dll
2013-08-15 17:44:49 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-08-15 17:44:45 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-08-15 17:44:43 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntoskrnl.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\system32\wow64.dll
2013-08-15 17:44:39 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-08-15 17:44:34 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-08-15 17:44:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-08-15 17:44:31 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-08-15 17:44:29 ----A---- C:\windows\SYSWOW64\user.exe
2013-08-15 17:44:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2013-08-15 17:44:27 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-08-13 09:19:45 ----A---- C:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
======List of files/folders modified in the last 1 month======
2013-09-11 10:20:42 ----RD---- C:\Program Files
2013-09-11 10:20:28 ----D---- C:\windows\Temp
2013-09-11 10:07:34 ----D---- C:\windows\SysWOW64
2013-09-11 10:07:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 00:07:27 ----D---- C:\windows\Prefetch
2013-09-10 15:56:58 ----D---- C:\windows\system32\config
2013-09-10 15:11:31 ----SHD---- C:\System Volume Information
2013-09-10 15:04:36 ----D---- C:\windows\System32
2013-09-10 15:04:36 ----D---- C:\windows\inf
2013-09-10 15:04:36 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-10 15:02:15 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-10 15:01:11 ----RD---- C:\Program Files (x86)
2013-09-10 15:01:10 ----D---- C:\windows\system32\drivers
2013-09-08 21:55:29 ----D---- C:\Windows
2013-09-08 21:52:19 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-09-08 21:52:09 ----D---- C:\windows\Panther
2013-09-08 21:52:09 ----D---- C:\windows\Logs
2013-09-08 21:52:08 ----D---- C:\windows\debug
2013-09-08 21:09:01 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-09-08 11:50:20 ----HD---- C:\ProgramData
2013-09-07 19:38:10 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-09-07 09:55:57 ----D---- C:\windows\system32\DriverStore
2013-09-07 09:55:57 ----D---- C:\windows\system32\catroot
2013-09-07 09:55:48 ----SHD---- C:\windows\Installer
2013-08-23 12:07:18 ----RD---- C:\Program Files (x86)\Skype
2013-08-22 12:08:04 ----SD---- C:\Users\Tomík\AppData\Roaming\Microsoft
2013-08-21 23:53:56 ----D---- C:\ProgramData\NVIDIA
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 23:51:39 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-21 23:51:05 ----D---- C:\windows\system32\catroot2
2013-08-21 23:13:16 ----RSD---- C:\windows\assembly
2013-08-21 22:43:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-19 20:27:17 ----D---- C:\Program Files (x86)\Google
2013-08-19 15:22:21 ----D---- C:\Users\Tomík\AppData\Roaming\vlc
2013-08-19 14:28:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 22:11:32 ----D---- C:\Program Files (x86)\AIMP3
2013-08-16 14:12:58 ----D---- C:\windows\rescache
2013-08-16 13:45:41 ----D---- C:\windows\Microsoft.NET
2013-08-16 10:24:36 ----D---- C:\windows\winsxs
2013-08-16 10:21:25 ----D---- C:\windows\SYSWOW64\sk-SK
2013-08-16 10:21:25 ----D---- C:\windows\system32\sk-SK
2013-08-16 10:21:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 10:21:24 ----D---- C:\Program Files\Internet Explorer
2013-08-16 10:21:23 ----D---- C:\windows\AppPatch
2013-08-16 10:09:12 ----D---- C:\windows\system32\MRT
2013-08-16 10:06:02 ----A---- C:\windows\system32\MRT.exe
2013-08-15 18:50:36 ----D---- C:\ProgramData\Skype
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Common Files
2013-08-12 11:05:27 ----D---- C:\windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-16 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2013-06-13 451096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-06-18 54160]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-06-15 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Spomalenie NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119530
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie NTB
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie NTB
# AdwCleaner v3.003 - Report created 11/09/2013 at 21:51:44
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tomík - TOMIK-PC
# Running from : C:\Users\Tomík\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Users\Tomík\AppData\Local\PackageAware
Folder Deleted : C:\Users\Tomík\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Tomík\AppData\Roaming\SimilarSites
File Deleted : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\zonealarm.xml
File Deleted : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (sk)
[ File : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\prefs.js ]
-\\ Google Chrome v29.0.1547.66
[ File : C:\Users\Tomík\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4180 octets] - [11/09/2013 21:50:42]
AdwCleaner[S0].txt - [4098 octets] - [11/09/2013 21:51:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4158 octets] ##########
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tomík - TOMIK-PC
# Running from : C:\Users\Tomík\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Users\Tomík\AppData\Local\PackageAware
Folder Deleted : C:\Users\Tomík\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Tomík\AppData\Roaming\SimilarSites
File Deleted : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\zonealarm.xml
File Deleted : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (sk)
[ File : C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\prefs.js ]
-\\ Google Chrome v29.0.1547.66
[ File : C:\Users\Tomík\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4180 octets] - [11/09/2013 21:50:42]
AdwCleaner[S0].txt - [4098 octets] - [11/09/2013 21:51:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4158 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119530
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie NTB
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie NTB
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomík at 2013-09-11 22:46:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 110 GB (40%) free of 278 GB
Total RAM: 4010 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:07, on 11. 9. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\Tomík\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\windows\TEMP\E_SE442.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
--
End of file - 13334 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
taskeng.exe {9A337A3E-A515-42F0-90E7-15AB99CE9096}
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
taskeng.exe {E567DE7C-F486-4DFA-BC2A-2C22765F5AC1}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4380
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Tomík\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default
prefs.js - "browser.startup.homepage" - "google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\extensions\
WebSiteRecommendation@weliketheweb.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe [2013-06-16 28682088]
"SearchProtection"=C:\Users\Tomík\AppData\Roaming\Search Protection\SearchProtection.EXE /autostart []
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2008-02-05 221696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-11 21:50:37 ----D---- C:\AdwCleaner
2013-09-11 10:20:42 ----D---- C:\rsit
2013-09-11 10:20:42 ----D---- C:\Program Files\trend micro
2013-09-08 11:50:23 ----D---- C:\Users\Tomík\AppData\Roaming\The Creative Assembly
2013-09-08 11:50:20 ----D---- C:\ProgramData\Steam
2013-09-07 09:54:59 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2013-09-07 09:54:51 ----D---- C:\Users\Tomík\AppData\Roaming\Check Point Software Technologies LTD
2013-09-07 09:54:47 ----D---- C:\Program Files (x86)\CheckPoint
2013-09-07 09:54:15 ----D---- C:\ProgramData\CheckPoint
2013-08-29 22:23:16 ----D---- C:\windows\SYSWOW64\SysInfo
2013-08-22 00:03:39 ----D---- C:\windows\SYSWOW64\directx
2013-08-21 23:54:00 ----D---- C:\windows\SYSWOW64\NV
2013-08-21 23:54:00 ----D---- C:\windows\system32\NV
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvvsvc.exe
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvcr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvc64.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvshext.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvmctray.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvcpl.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshextr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshext.dll
2013-08-21 23:51:26 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2013-08-21 23:51:26 ----A---- C:\windows\system32\OpenCL.dll
2013-08-21 23:51:13 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvumdshim.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvinit.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvapi.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvwgf2umx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvumdshimx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglv64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglshim64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvinitx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvIFR64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvFBC64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispgenco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvd3dumx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvapi64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2013-08-21 23:39:11 ----D---- C:\ProgramData\Orbit
2013-08-21 23:14:34 ----D---- C:\Program Files (x86)\Ubisoft
2013-08-20 17:14:39 ----A---- C:\windows\system32\bootdelete.exe
2013-08-20 12:20:16 ----D---- C:\Program Files\HitmanPro
2013-08-20 12:20:06 ----D---- C:\ProgramData\HitmanPro
2013-08-19 08:59:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-18 22:09:37 ----A---- C:\windows\SYSWOW64\gcapi_dll.dll
2013-08-18 22:09:12 ----D---- C:\Users\Tomík\AppData\Roaming\Foxit Software
2013-08-18 22:09:08 ----D---- C:\Program Files (x86)\Foxit Software
2013-08-16 10:15:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-08-16 10:15:33 ----A---- C:\windows\system32\ieui.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iernonce.dll
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-08-16 10:15:30 ----A---- C:\windows\system32\ie4uinit.exe
2013-08-16 10:15:29 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-08-16 10:15:29 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-08-16 10:15:29 ----A---- C:\windows\system32\iesysprep.dll
2013-08-16 10:15:28 ----A---- C:\windows\system32\iertutil.dll
2013-08-16 10:15:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-08-16 10:15:25 ----A---- C:\windows\system32\msfeeds.dll
2013-08-16 10:15:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-08-16 10:15:24 ----A---- C:\windows\system32\jscript.dll
2013-08-16 10:15:23 ----A---- C:\windows\system32\jscript9.dll
2013-08-16 10:15:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-08-16 10:15:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-08-16 10:15:20 ----A---- C:\windows\system32\urlmon.dll
2013-08-16 10:15:18 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-08-16 10:15:18 ----A---- C:\windows\system32\jsproxy.dll
2013-08-16 10:15:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-08-16 10:15:16 ----A---- C:\windows\system32\wininet.dll
2013-08-16 10:15:14 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-08-16 10:15:12 ----A---- C:\windows\system32\ieframe.dll
2013-08-16 10:15:10 ----A---- C:\windows\system32\mshtml.dll
2013-08-16 10:15:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-08-15 17:45:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-08-15 17:45:11 ----A---- C:\windows\system32\crypt32.dll
2013-08-15 17:45:10 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-08-15 17:45:10 ----A---- C:\windows\system32\wintrust.dll
2013-08-15 17:45:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2013-08-15 17:45:08 ----A---- C:\windows\system32\cryptsvc.dll
2013-08-15 17:45:05 ----A---- C:\windows\system32\cryptnet.dll
2013-08-15 17:45:04 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2013-08-15 17:44:57 ----A---- C:\windows\system32\tzres.dll
2013-08-15 17:44:56 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-08-15 17:44:52 ----A---- C:\windows\system32\WMVDECOD.DLL
2013-08-15 17:44:51 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2013-08-15 17:44:50 ----A---- C:\windows\system32\rpcrt4.dll
2013-08-15 17:44:49 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-08-15 17:44:45 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-08-15 17:44:43 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntoskrnl.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\system32\wow64.dll
2013-08-15 17:44:39 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-08-15 17:44:34 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-08-15 17:44:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-08-15 17:44:31 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-08-15 17:44:29 ----A---- C:\windows\SYSWOW64\user.exe
2013-08-15 17:44:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2013-08-15 17:44:27 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-08-13 09:19:45 ----A---- C:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
======List of files/folders modified in the last 1 month======
2013-09-11 22:15:30 ----D---- C:\windows\system32\config
2013-09-11 22:05:48 ----D---- C:\windows\Temp
2013-09-11 21:58:17 ----D---- C:\windows\System32
2013-09-11 21:58:17 ----D---- C:\windows\inf
2013-09-11 21:58:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-11 21:55:36 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-11 21:51:45 ----RD---- C:\Program Files (x86)
2013-09-11 10:20:42 ----RD---- C:\Program Files
2013-09-11 10:07:34 ----D---- C:\windows\SysWOW64
2013-09-11 10:07:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 00:07:27 ----D---- C:\windows\Prefetch
2013-09-10 23:46:45 ----SHD---- C:\System Volume Information
2013-09-10 15:01:10 ----D---- C:\windows\system32\drivers
2013-09-08 21:55:29 ----D---- C:\Windows
2013-09-08 21:52:19 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-09-08 21:52:09 ----D---- C:\windows\Panther
2013-09-08 21:52:09 ----D---- C:\windows\Logs
2013-09-08 21:52:08 ----D---- C:\windows\debug
2013-09-08 21:09:01 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-09-08 11:50:20 ----HD---- C:\ProgramData
2013-09-07 19:38:10 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-09-07 09:55:57 ----D---- C:\windows\system32\DriverStore
2013-09-07 09:55:57 ----D---- C:\windows\system32\catroot
2013-09-07 09:55:48 ----SHD---- C:\windows\Installer
2013-08-23 12:07:18 ----RD---- C:\Program Files (x86)\Skype
2013-08-22 12:08:04 ----SD---- C:\Users\Tomík\AppData\Roaming\Microsoft
2013-08-21 23:53:56 ----D---- C:\ProgramData\NVIDIA
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 23:51:39 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-21 23:51:05 ----D---- C:\windows\system32\catroot2
2013-08-21 23:13:16 ----RSD---- C:\windows\assembly
2013-08-21 22:43:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-19 20:27:17 ----D---- C:\Program Files (x86)\Google
2013-08-19 15:22:21 ----D---- C:\Users\Tomík\AppData\Roaming\vlc
2013-08-19 14:28:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 22:11:32 ----D---- C:\Program Files (x86)\AIMP3
2013-08-16 14:12:58 ----D---- C:\windows\rescache
2013-08-16 13:45:41 ----D---- C:\windows\Microsoft.NET
2013-08-16 10:24:36 ----D---- C:\windows\winsxs
2013-08-16 10:21:25 ----D---- C:\windows\SYSWOW64\sk-SK
2013-08-16 10:21:25 ----D---- C:\windows\system32\sk-SK
2013-08-16 10:21:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 10:21:24 ----D---- C:\Program Files\Internet Explorer
2013-08-16 10:21:23 ----D---- C:\windows\AppPatch
2013-08-16 10:09:12 ----D---- C:\windows\system32\MRT
2013-08-16 10:06:02 ----A---- C:\windows\system32\MRT.exe
2013-08-15 18:50:36 ----D---- C:\ProgramData\Skype
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Common Files
2013-08-12 11:05:27 ----D---- C:\windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-16 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2013-06-13 451096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-06-18 54160]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-06-15 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Run by Tomík at 2013-09-11 22:46:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 110 GB (40%) free of 278 GB
Total RAM: 4010 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:07, on 11. 9. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\Tomík\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\windows\TEMP\E_SE442.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
--
End of file - 13334 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
taskeng.exe {9A337A3E-A515-42F0-90E7-15AB99CE9096}
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
taskeng.exe {E567DE7C-F486-4DFA-BC2A-2C22765F5AC1}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4380
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Tomík\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default
prefs.js - "browser.startup.homepage" - "google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\extensions\
WebSiteRecommendation@weliketheweb.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe [2013-06-16 28682088]
"SearchProtection"=C:\Users\Tomík\AppData\Roaming\Search Protection\SearchProtection.EXE /autostart []
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2008-02-05 221696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-11 21:50:37 ----D---- C:\AdwCleaner
2013-09-11 10:20:42 ----D---- C:\rsit
2013-09-11 10:20:42 ----D---- C:\Program Files\trend micro
2013-09-08 11:50:23 ----D---- C:\Users\Tomík\AppData\Roaming\The Creative Assembly
2013-09-08 11:50:20 ----D---- C:\ProgramData\Steam
2013-09-07 09:54:59 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2013-09-07 09:54:51 ----D---- C:\Users\Tomík\AppData\Roaming\Check Point Software Technologies LTD
2013-09-07 09:54:47 ----D---- C:\Program Files (x86)\CheckPoint
2013-09-07 09:54:15 ----D---- C:\ProgramData\CheckPoint
2013-08-29 22:23:16 ----D---- C:\windows\SYSWOW64\SysInfo
2013-08-22 00:03:39 ----D---- C:\windows\SYSWOW64\directx
2013-08-21 23:54:00 ----D---- C:\windows\SYSWOW64\NV
2013-08-21 23:54:00 ----D---- C:\windows\system32\NV
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvvsvc.exe
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvcr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvc64.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvshext.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvmctray.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvcpl.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshextr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshext.dll
2013-08-21 23:51:26 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2013-08-21 23:51:26 ----A---- C:\windows\system32\OpenCL.dll
2013-08-21 23:51:13 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvumdshim.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvinit.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvapi.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvwgf2umx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvumdshimx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglv64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglshim64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvinitx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvIFR64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvFBC64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispgenco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvd3dumx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvapi64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2013-08-21 23:39:11 ----D---- C:\ProgramData\Orbit
2013-08-21 23:14:34 ----D---- C:\Program Files (x86)\Ubisoft
2013-08-20 17:14:39 ----A---- C:\windows\system32\bootdelete.exe
2013-08-20 12:20:16 ----D---- C:\Program Files\HitmanPro
2013-08-20 12:20:06 ----D---- C:\ProgramData\HitmanPro
2013-08-19 08:59:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-18 22:09:37 ----A---- C:\windows\SYSWOW64\gcapi_dll.dll
2013-08-18 22:09:12 ----D---- C:\Users\Tomík\AppData\Roaming\Foxit Software
2013-08-18 22:09:08 ----D---- C:\Program Files (x86)\Foxit Software
2013-08-16 10:15:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-08-16 10:15:33 ----A---- C:\windows\system32\ieui.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iernonce.dll
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-08-16 10:15:30 ----A---- C:\windows\system32\ie4uinit.exe
2013-08-16 10:15:29 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-08-16 10:15:29 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-08-16 10:15:29 ----A---- C:\windows\system32\iesysprep.dll
2013-08-16 10:15:28 ----A---- C:\windows\system32\iertutil.dll
2013-08-16 10:15:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-08-16 10:15:25 ----A---- C:\windows\system32\msfeeds.dll
2013-08-16 10:15:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-08-16 10:15:24 ----A---- C:\windows\system32\jscript.dll
2013-08-16 10:15:23 ----A---- C:\windows\system32\jscript9.dll
2013-08-16 10:15:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-08-16 10:15:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-08-16 10:15:20 ----A---- C:\windows\system32\urlmon.dll
2013-08-16 10:15:18 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-08-16 10:15:18 ----A---- C:\windows\system32\jsproxy.dll
2013-08-16 10:15:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-08-16 10:15:16 ----A---- C:\windows\system32\wininet.dll
2013-08-16 10:15:14 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-08-16 10:15:12 ----A---- C:\windows\system32\ieframe.dll
2013-08-16 10:15:10 ----A---- C:\windows\system32\mshtml.dll
2013-08-16 10:15:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-08-15 17:45:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-08-15 17:45:11 ----A---- C:\windows\system32\crypt32.dll
2013-08-15 17:45:10 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-08-15 17:45:10 ----A---- C:\windows\system32\wintrust.dll
2013-08-15 17:45:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2013-08-15 17:45:08 ----A---- C:\windows\system32\cryptsvc.dll
2013-08-15 17:45:05 ----A---- C:\windows\system32\cryptnet.dll
2013-08-15 17:45:04 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2013-08-15 17:44:57 ----A---- C:\windows\system32\tzres.dll
2013-08-15 17:44:56 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-08-15 17:44:52 ----A---- C:\windows\system32\WMVDECOD.DLL
2013-08-15 17:44:51 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2013-08-15 17:44:50 ----A---- C:\windows\system32\rpcrt4.dll
2013-08-15 17:44:49 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-08-15 17:44:45 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-08-15 17:44:43 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntoskrnl.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\system32\wow64.dll
2013-08-15 17:44:39 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-08-15 17:44:34 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-08-15 17:44:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-08-15 17:44:31 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-08-15 17:44:29 ----A---- C:\windows\SYSWOW64\user.exe
2013-08-15 17:44:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2013-08-15 17:44:27 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-08-13 09:19:45 ----A---- C:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
======List of files/folders modified in the last 1 month======
2013-09-11 22:15:30 ----D---- C:\windows\system32\config
2013-09-11 22:05:48 ----D---- C:\windows\Temp
2013-09-11 21:58:17 ----D---- C:\windows\System32
2013-09-11 21:58:17 ----D---- C:\windows\inf
2013-09-11 21:58:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-11 21:55:36 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-11 21:51:45 ----RD---- C:\Program Files (x86)
2013-09-11 10:20:42 ----RD---- C:\Program Files
2013-09-11 10:07:34 ----D---- C:\windows\SysWOW64
2013-09-11 10:07:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 00:07:27 ----D---- C:\windows\Prefetch
2013-09-10 23:46:45 ----SHD---- C:\System Volume Information
2013-09-10 15:01:10 ----D---- C:\windows\system32\drivers
2013-09-08 21:55:29 ----D---- C:\Windows
2013-09-08 21:52:19 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-09-08 21:52:09 ----D---- C:\windows\Panther
2013-09-08 21:52:09 ----D---- C:\windows\Logs
2013-09-08 21:52:08 ----D---- C:\windows\debug
2013-09-08 21:09:01 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-09-08 11:50:20 ----HD---- C:\ProgramData
2013-09-07 19:38:10 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-09-07 09:55:57 ----D---- C:\windows\system32\DriverStore
2013-09-07 09:55:57 ----D---- C:\windows\system32\catroot
2013-09-07 09:55:48 ----SHD---- C:\windows\Installer
2013-08-23 12:07:18 ----RD---- C:\Program Files (x86)\Skype
2013-08-22 12:08:04 ----SD---- C:\Users\Tomík\AppData\Roaming\Microsoft
2013-08-21 23:53:56 ----D---- C:\ProgramData\NVIDIA
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 23:51:39 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-21 23:51:05 ----D---- C:\windows\system32\catroot2
2013-08-21 23:13:16 ----RSD---- C:\windows\assembly
2013-08-21 22:43:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-19 20:27:17 ----D---- C:\Program Files (x86)\Google
2013-08-19 15:22:21 ----D---- C:\Users\Tomík\AppData\Roaming\vlc
2013-08-19 14:28:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 22:11:32 ----D---- C:\Program Files (x86)\AIMP3
2013-08-16 14:12:58 ----D---- C:\windows\rescache
2013-08-16 13:45:41 ----D---- C:\windows\Microsoft.NET
2013-08-16 10:24:36 ----D---- C:\windows\winsxs
2013-08-16 10:21:25 ----D---- C:\windows\SYSWOW64\sk-SK
2013-08-16 10:21:25 ----D---- C:\windows\system32\sk-SK
2013-08-16 10:21:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 10:21:24 ----D---- C:\Program Files\Internet Explorer
2013-08-16 10:21:23 ----D---- C:\windows\AppPatch
2013-08-16 10:09:12 ----D---- C:\windows\system32\MRT
2013-08-16 10:06:02 ----A---- C:\windows\system32\MRT.exe
2013-08-15 18:50:36 ----D---- C:\ProgramData\Skype
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Common Files
2013-08-12 11:05:27 ----D---- C:\windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-16 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2013-06-13 451096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-06-18 54160]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-06-15 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119530
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie NTB
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Users\Tomík\AppData\Roaming\Search Protection
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
:services
Skype C2C Service
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchProtection"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie NTB
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomík at 2013-09-12 17:29:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 110 GB (40%) free of 278 GB
Total RAM: 4010 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:48, on 12. 9. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\windows\TEMP\E_SE442.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
--
End of file - 13022 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
taskeng.exe {8199A234-DB73-4853-B73C-D0F6FA23C69E}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {9A3F4A33-2CBC-4EDC-A24B-A33A6CB7C7D2}
taskeng.exe {21E8EA67-EB63-44D6-A07B-3F30E7B46EEC}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
"c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\windows\system32\igfxpers.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2632
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Tomík\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default
prefs.js - "browser.startup.homepage" - "google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\extensions\
WebSiteRecommendation@weliketheweb.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe [2013-06-16 28682088]
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2008-02-05 221696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-12 17:25:58 ----D---- C:\_OTM
2013-09-11 21:50:37 ----D---- C:\AdwCleaner
2013-09-11 10:20:42 ----D---- C:\rsit
2013-09-11 10:20:42 ----D---- C:\Program Files\trend micro
2013-09-08 11:50:23 ----D---- C:\Users\Tomík\AppData\Roaming\The Creative Assembly
2013-09-08 11:50:20 ----D---- C:\ProgramData\Steam
2013-09-07 09:54:59 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2013-09-07 09:54:51 ----D---- C:\Users\Tomík\AppData\Roaming\Check Point Software Technologies LTD
2013-09-07 09:54:47 ----D---- C:\Program Files (x86)\CheckPoint
2013-09-07 09:54:15 ----D---- C:\ProgramData\CheckPoint
2013-08-29 22:23:16 ----D---- C:\windows\SYSWOW64\SysInfo
2013-08-22 00:03:39 ----D---- C:\windows\SYSWOW64\directx
2013-08-21 23:54:00 ----D---- C:\windows\SYSWOW64\NV
2013-08-21 23:54:00 ----D---- C:\windows\system32\NV
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvvsvc.exe
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvcr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvc64.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvshext.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvmctray.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvcpl.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshextr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshext.dll
2013-08-21 23:51:26 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2013-08-21 23:51:26 ----A---- C:\windows\system32\OpenCL.dll
2013-08-21 23:51:13 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvumdshim.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvinit.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvapi.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvwgf2umx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvumdshimx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglv64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglshim64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvinitx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvIFR64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvFBC64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispgenco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvd3dumx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvapi64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2013-08-21 23:39:11 ----D---- C:\ProgramData\Orbit
2013-08-21 23:14:34 ----D---- C:\Program Files (x86)\Ubisoft
2013-08-20 17:14:39 ----A---- C:\windows\system32\bootdelete.exe
2013-08-20 12:20:16 ----D---- C:\Program Files\HitmanPro
2013-08-20 12:20:06 ----D---- C:\ProgramData\HitmanPro
2013-08-19 08:59:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-18 22:09:37 ----A---- C:\windows\SYSWOW64\gcapi_dll.dll
2013-08-18 22:09:12 ----D---- C:\Users\Tomík\AppData\Roaming\Foxit Software
2013-08-18 22:09:08 ----D---- C:\Program Files (x86)\Foxit Software
2013-08-16 10:15:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-08-16 10:15:33 ----A---- C:\windows\system32\ieui.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iernonce.dll
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-08-16 10:15:30 ----A---- C:\windows\system32\ie4uinit.exe
2013-08-16 10:15:29 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-08-16 10:15:29 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-08-16 10:15:29 ----A---- C:\windows\system32\iesysprep.dll
2013-08-16 10:15:28 ----A---- C:\windows\system32\iertutil.dll
2013-08-16 10:15:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-08-16 10:15:25 ----A---- C:\windows\system32\msfeeds.dll
2013-08-16 10:15:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-08-16 10:15:24 ----A---- C:\windows\system32\jscript.dll
2013-08-16 10:15:23 ----A---- C:\windows\system32\jscript9.dll
2013-08-16 10:15:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-08-16 10:15:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-08-16 10:15:20 ----A---- C:\windows\system32\urlmon.dll
2013-08-16 10:15:18 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-08-16 10:15:18 ----A---- C:\windows\system32\jsproxy.dll
2013-08-16 10:15:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-08-16 10:15:16 ----A---- C:\windows\system32\wininet.dll
2013-08-16 10:15:14 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-08-16 10:15:12 ----A---- C:\windows\system32\ieframe.dll
2013-08-16 10:15:10 ----A---- C:\windows\system32\mshtml.dll
2013-08-16 10:15:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-08-15 17:45:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-08-15 17:45:11 ----A---- C:\windows\system32\crypt32.dll
2013-08-15 17:45:10 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-08-15 17:45:10 ----A---- C:\windows\system32\wintrust.dll
2013-08-15 17:45:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2013-08-15 17:45:08 ----A---- C:\windows\system32\cryptsvc.dll
2013-08-15 17:45:05 ----A---- C:\windows\system32\cryptnet.dll
2013-08-15 17:45:04 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2013-08-15 17:44:57 ----A---- C:\windows\system32\tzres.dll
2013-08-15 17:44:56 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-08-15 17:44:52 ----A---- C:\windows\system32\WMVDECOD.DLL
2013-08-15 17:44:51 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2013-08-15 17:44:50 ----A---- C:\windows\system32\rpcrt4.dll
2013-08-15 17:44:49 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-08-15 17:44:45 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-08-15 17:44:43 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntoskrnl.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\system32\wow64.dll
2013-08-15 17:44:39 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-08-15 17:44:34 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-08-15 17:44:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-08-15 17:44:31 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-08-15 17:44:29 ----A---- C:\windows\SYSWOW64\user.exe
2013-08-15 17:44:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2013-08-15 17:44:27 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-08-13 09:19:45 ----A---- C:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
======List of files/folders modified in the last 1 month======
2013-09-12 17:29:35 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-12 17:28:10 ----D---- C:\windows\Temp
2013-09-12 17:27:37 ----D---- C:\windows\system32\config
2013-09-12 17:26:20 ----D---- C:\Windows
2013-09-12 17:26:01 ----D---- C:\windows\Tasks
2013-09-11 21:58:17 ----D---- C:\windows\System32
2013-09-11 21:58:17 ----D---- C:\windows\inf
2013-09-11 21:58:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-11 21:51:45 ----RD---- C:\Program Files (x86)
2013-09-11 10:20:42 ----RD---- C:\Program Files
2013-09-11 10:07:34 ----D---- C:\windows\SysWOW64
2013-09-11 10:07:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 00:07:27 ----D---- C:\windows\Prefetch
2013-09-10 23:46:45 ----SHD---- C:\System Volume Information
2013-09-10 15:01:10 ----D---- C:\windows\system32\drivers
2013-09-08 21:52:19 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-09-08 21:52:09 ----D---- C:\windows\Panther
2013-09-08 21:52:09 ----D---- C:\windows\Logs
2013-09-08 21:52:08 ----D---- C:\windows\debug
2013-09-08 21:09:01 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-09-08 11:50:20 ----HD---- C:\ProgramData
2013-09-07 19:38:10 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-09-07 09:55:57 ----D---- C:\windows\system32\DriverStore
2013-09-07 09:55:57 ----D---- C:\windows\system32\catroot
2013-09-07 09:55:48 ----SHD---- C:\windows\Installer
2013-08-23 12:07:18 ----RD---- C:\Program Files (x86)\Skype
2013-08-22 12:08:04 ----SD---- C:\Users\Tomík\AppData\Roaming\Microsoft
2013-08-21 23:53:56 ----D---- C:\ProgramData\NVIDIA
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 23:51:39 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-21 23:51:05 ----D---- C:\windows\system32\catroot2
2013-08-21 23:13:16 ----RSD---- C:\windows\assembly
2013-08-21 22:43:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-19 20:27:17 ----D---- C:\Program Files (x86)\Google
2013-08-19 15:22:21 ----D---- C:\Users\Tomík\AppData\Roaming\vlc
2013-08-19 14:28:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 22:11:32 ----D---- C:\Program Files (x86)\AIMP3
2013-08-16 14:12:58 ----D---- C:\windows\rescache
2013-08-16 13:45:41 ----D---- C:\windows\Microsoft.NET
2013-08-16 10:24:36 ----D---- C:\windows\winsxs
2013-08-16 10:21:25 ----D---- C:\windows\SYSWOW64\sk-SK
2013-08-16 10:21:25 ----D---- C:\windows\system32\sk-SK
2013-08-16 10:21:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 10:21:24 ----D---- C:\Program Files\Internet Explorer
2013-08-16 10:21:23 ----D---- C:\windows\AppPatch
2013-08-16 10:09:12 ----D---- C:\windows\system32\MRT
2013-08-16 10:06:02 ----A---- C:\windows\system32\MRT.exe
2013-08-15 18:50:36 ----D---- C:\ProgramData\Skype
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-16 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2013-06-13 451096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-06-18 54160]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-06-15 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Run by Tomík at 2013-09-12 17:29:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 110 GB (40%) free of 278 GB
Total RAM: 4010 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:48, on 12. 9. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\windows\TEMP\E_SE442.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Obrazovková spinka a spúšťač programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
--
End of file - 13022 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
taskeng.exe {8199A234-DB73-4853-B73C-D0F6FA23C69E}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {9A3F4A33-2CBC-4EDC-A24B-A33A6CB7C7D2}
taskeng.exe {21E8EA67-EB63-44D6-A07B-3F30E7B46EEC}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
"c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\windows\system32\igfxpers.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2632
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Tomík\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default
prefs.js - "browser.startup.homepage" - "google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\extensions\
WebSiteRecommendation@weliketheweb.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\Profiles\ccjp4cf5.default\searchplugins\
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Tomík\AppData\Roaming\ICQM\icq.exe [2013-06-16 28682088]
"EPSON SX100 Series"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [2008-02-05 221696]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Obrazovková spinka a spúšťač programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-12 17:25:58 ----D---- C:\_OTM
2013-09-11 21:50:37 ----D---- C:\AdwCleaner
2013-09-11 10:20:42 ----D---- C:\rsit
2013-09-11 10:20:42 ----D---- C:\Program Files\trend micro
2013-09-08 11:50:23 ----D---- C:\Users\Tomík\AppData\Roaming\The Creative Assembly
2013-09-08 11:50:20 ----D---- C:\ProgramData\Steam
2013-09-07 09:54:59 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2013-09-07 09:54:51 ----D---- C:\Users\Tomík\AppData\Roaming\Check Point Software Technologies LTD
2013-09-07 09:54:47 ----D---- C:\Program Files (x86)\CheckPoint
2013-09-07 09:54:15 ----D---- C:\ProgramData\CheckPoint
2013-08-29 22:23:16 ----D---- C:\windows\SYSWOW64\SysInfo
2013-08-22 00:03:39 ----D---- C:\windows\SYSWOW64\directx
2013-08-21 23:54:00 ----D---- C:\windows\SYSWOW64\NV
2013-08-21 23:54:00 ----D---- C:\windows\system32\NV
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvvsvc.exe
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvcr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvsvc64.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvshext.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvmctray.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nvcpl.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshextr.dll
2013-08-21 23:51:48 ----A---- C:\windows\system32\nv3dappshext.dll
2013-08-21 23:51:26 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2013-08-21 23:51:26 ----A---- C:\windows\system32\OpenCL.dll
2013-08-21 23:51:13 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvumdshim.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvinit.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\SYSWOW64\nvapi.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvwgf2umx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvumdshimx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvopencl.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglv64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvoglshim64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvinitx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvIFR64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\NvFBC64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispgenco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvdispco6432049.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvd3dumx.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvid.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuvenc.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcuda.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvcompiler.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\nvapi64.dll
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2013-08-21 23:45:33 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2013-08-21 23:39:11 ----D---- C:\ProgramData\Orbit
2013-08-21 23:14:34 ----D---- C:\Program Files (x86)\Ubisoft
2013-08-20 17:14:39 ----A---- C:\windows\system32\bootdelete.exe
2013-08-20 12:20:16 ----D---- C:\Program Files\HitmanPro
2013-08-20 12:20:06 ----D---- C:\ProgramData\HitmanPro
2013-08-19 08:59:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-18 22:09:37 ----A---- C:\windows\SYSWOW64\gcapi_dll.dll
2013-08-18 22:09:12 ----D---- C:\Users\Tomík\AppData\Roaming\Foxit Software
2013-08-18 22:09:08 ----D---- C:\Program Files (x86)\Foxit Software
2013-08-16 10:15:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-08-16 10:15:33 ----A---- C:\windows\system32\ieui.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iesetup.dll
2013-08-16 10:15:31 ----A---- C:\windows\system32\iernonce.dll
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 10:15:30 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-08-16 10:15:30 ----A---- C:\windows\system32\ie4uinit.exe
2013-08-16 10:15:29 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-08-16 10:15:29 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-08-16 10:15:29 ----A---- C:\windows\system32\iesysprep.dll
2013-08-16 10:15:28 ----A---- C:\windows\system32\iertutil.dll
2013-08-16 10:15:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-08-16 10:15:25 ----A---- C:\windows\system32\msfeeds.dll
2013-08-16 10:15:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-08-16 10:15:24 ----A---- C:\windows\system32\jscript.dll
2013-08-16 10:15:23 ----A---- C:\windows\system32\jscript9.dll
2013-08-16 10:15:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-08-16 10:15:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-08-16 10:15:20 ----A---- C:\windows\system32\urlmon.dll
2013-08-16 10:15:18 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-08-16 10:15:18 ----A---- C:\windows\system32\jsproxy.dll
2013-08-16 10:15:17 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-08-16 10:15:16 ----A---- C:\windows\system32\wininet.dll
2013-08-16 10:15:14 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-08-16 10:15:12 ----A---- C:\windows\system32\ieframe.dll
2013-08-16 10:15:10 ----A---- C:\windows\system32\mshtml.dll
2013-08-16 10:15:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-08-15 17:45:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-08-15 17:45:11 ----A---- C:\windows\system32\crypt32.dll
2013-08-15 17:45:10 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-08-15 17:45:10 ----A---- C:\windows\system32\wintrust.dll
2013-08-15 17:45:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2013-08-15 17:45:08 ----A---- C:\windows\system32\cryptsvc.dll
2013-08-15 17:45:05 ----A---- C:\windows\system32\cryptnet.dll
2013-08-15 17:45:04 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2013-08-15 17:44:57 ----A---- C:\windows\system32\tzres.dll
2013-08-15 17:44:56 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-08-15 17:44:52 ----A---- C:\windows\system32\WMVDECOD.DLL
2013-08-15 17:44:51 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2013-08-15 17:44:50 ----A---- C:\windows\system32\rpcrt4.dll
2013-08-15 17:44:49 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-08-15 17:44:45 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-08-15 17:44:43 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntoskrnl.exe
2013-08-15 17:44:42 ----A---- C:\windows\system32\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\SYSWOW64\ntdll.dll
2013-08-15 17:44:41 ----A---- C:\windows\system32\wow64.dll
2013-08-15 17:44:39 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2013-08-15 17:44:34 ----A---- C:\windows\SYSWOW64\wow32.dll
2013-08-15 17:44:32 ----A---- C:\windows\SYSWOW64\setup16.exe
2013-08-15 17:44:31 ----A---- C:\windows\SYSWOW64\instnm.exe
2013-08-15 17:44:29 ----A---- C:\windows\SYSWOW64\user.exe
2013-08-15 17:44:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2013-08-15 17:44:27 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-08-13 09:19:45 ----A---- C:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
======List of files/folders modified in the last 1 month======
2013-09-12 17:29:35 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-12 17:28:10 ----D---- C:\windows\Temp
2013-09-12 17:27:37 ----D---- C:\windows\system32\config
2013-09-12 17:26:20 ----D---- C:\Windows
2013-09-12 17:26:01 ----D---- C:\windows\Tasks
2013-09-11 21:58:17 ----D---- C:\windows\System32
2013-09-11 21:58:17 ----D---- C:\windows\inf
2013-09-11 21:58:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-11 21:51:45 ----RD---- C:\Program Files (x86)
2013-09-11 10:20:42 ----RD---- C:\Program Files
2013-09-11 10:07:34 ----D---- C:\windows\SysWOW64
2013-09-11 10:07:33 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 00:07:27 ----D---- C:\windows\Prefetch
2013-09-10 23:46:45 ----SHD---- C:\System Volume Information
2013-09-10 15:01:10 ----D---- C:\windows\system32\drivers
2013-09-08 21:52:19 ----D---- C:\Users\Tomík\AppData\Roaming\DAEMON Tools Lite
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\uTorrent
2013-09-08 21:52:18 ----D---- C:\Users\Tomík\AppData\Roaming\AIMP3
2013-09-08 21:52:09 ----D---- C:\windows\Panther
2013-09-08 21:52:09 ----D---- C:\windows\Logs
2013-09-08 21:52:08 ----D---- C:\windows\debug
2013-09-08 21:09:01 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2013-09-08 11:50:20 ----HD---- C:\ProgramData
2013-09-07 19:38:10 ----D---- C:\Users\Tomík\AppData\Roaming\Mp3tag
2013-09-07 09:55:57 ----D---- C:\windows\system32\DriverStore
2013-09-07 09:55:57 ----D---- C:\windows\system32\catroot
2013-09-07 09:55:48 ----SHD---- C:\windows\Installer
2013-08-23 12:07:18 ----RD---- C:\Program Files (x86)\Skype
2013-08-22 12:08:04 ----SD---- C:\Users\Tomík\AppData\Roaming\Microsoft
2013-08-21 23:53:56 ----D---- C:\ProgramData\NVIDIA
2013-08-21 23:52:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-21 23:51:39 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-21 23:51:05 ----D---- C:\windows\system32\catroot2
2013-08-21 23:13:16 ----RSD---- C:\windows\assembly
2013-08-21 22:43:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-19 20:27:17 ----D---- C:\Program Files (x86)\Google
2013-08-19 15:22:21 ----D---- C:\Users\Tomík\AppData\Roaming\vlc
2013-08-19 14:28:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 22:11:32 ----D---- C:\Program Files (x86)\AIMP3
2013-08-16 14:12:58 ----D---- C:\windows\rescache
2013-08-16 13:45:41 ----D---- C:\windows\Microsoft.NET
2013-08-16 10:24:36 ----D---- C:\windows\winsxs
2013-08-16 10:21:25 ----D---- C:\windows\SYSWOW64\sk-SK
2013-08-16 10:21:25 ----D---- C:\windows\system32\sk-SK
2013-08-16 10:21:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 10:21:24 ----D---- C:\Program Files\Internet Explorer
2013-08-16 10:21:23 ----D---- C:\windows\AppPatch
2013-08-16 10:09:12 ----D---- C:\windows\system32\MRT
2013-08-16 10:06:02 ----A---- C:\windows\system32\MRT.exe
2013-08-15 18:50:36 ----D---- C:\ProgramData\Skype
2013-08-13 09:18:02 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-16 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2013-06-13 451096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-06-18 54160]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-14 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-06-15 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119530
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie NTB
Log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie NTB
áno, ďakujem je to lepšie, ale neviem stále sa mi zdá že to je dosť zabrzdené...
-
Rudy
- Site Admin
- Příspěvky: 119530
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie NTB
Zkuste defargmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Spomalenie NTB
Ďakujem pekne!! Pomohlo! 
-
Rudy
- Site Admin
- Příspěvky: 119530
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Spomalenie NTB
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?