Tak pěkně Vás zdravím, mám problém, podívejte se prosím na to.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Cody at 2014-04-13 12:30:56
Microsoft Windows 7 Home Premium
System drive C: has 223 GB (94%) free of 238 GB
Total RAM: 1913 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:03, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\PROGRA~2\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\McAfee\MPF\MC\MpfAlert.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11395 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
"taskhost.exe"
"rundll32.exe" "C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll" saHooker_Initialize_and_Wait
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe"
"C:\Program Files (x86)\McAfee\MSK\MskSrver.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~2\McAfee.com\Agent\mcagent.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
taskeng.exe {AF4A25F7-571E-449B-811A-255694D5056A}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4420 CREDAT:71937
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3412 CREDAT:71937
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3412 CREDAT:268547
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\ProgramData\Google\Google Toolbar\Update\gtb1546.tmp.exe" /au /sid:S-1-5-21-1169751212-3718422233-1856728263-1000 /auchild
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe"
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7EN0FUWU\RSITx64[1].exe"
"C:\Program Files (x86)\McAfee\MPF\MC\MpfAlert.exe" -Embedding
wmiadap.exe /F /T /R
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files (x86)\McAfee\MSK\mskapbho64.dll [2009-04-09 337424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-05-13 60224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2009-09-21 750064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-21 346736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2009-09-21 318960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll [2009-04-09 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll [2009-05-13 62784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2009-09-21 433648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-21 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-21 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-21 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-21 346736]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-21 256112]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-06 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-05 497504]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-07-30 134032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-21 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"mcagent_exe"=C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe [2009-05-01 645328]
C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 12:18:53 ----A---- C:\Windows\ntbtlog.txt
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 12:31:03 ----D---- C:\Windows\Prefetch
2014-04-13 12:31:01 ----D---- C:\Windows\Temp
2014-04-13 12:30:56 ----RD---- C:\Program Files
2014-04-13 12:28:03 ----D---- C:\Windows\system32\Tasks
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 12:26:30 ----D---- C:\Program Files (x86)\McAfee
2014-04-13 12:23:24 ----D---- C:\Windows\System32
2014-04-13 12:23:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 12:23:23 ----D---- C:\Windows\inf
2014-04-13 12:18:53 ----D---- C:\Windows
2014-04-13 11:16:30 ----SD---- C:\ProgramData\Microsoft
2014-04-13 02:20:21 ----D---- C:\ProgramData\McAfee
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:27 ----HD---- C:\ProgramData
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:16:37 ----D---- C:\Windows\debug
2014-04-13 02:16:30 ----D---- C:\Windows\system32\catroot2
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:47 ----D---- C:\Windows\Panther
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:08:50 ----D---- C:\Windows\system32\config
2014-04-13 02:06:31 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:26 ----D---- C:\Windows\system32\drivers
2014-04-13 02:06:26 ----D---- C:\Windows\system32\catroot
2014-04-13 02:06:23 ----D---- C:\Windows\SysWOW64
2014-04-13 02:06:18 ----D---- C:\Windows\Logs
2014-04-13 02:06:15 ----SHD---- C:\Windows\Installer
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 02:02:44 ----D---- C:\Windows\winsxs
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
2014-04-13 01:52:01 ----RD---- C:\Program Files (x86)
2014-04-13 01:48:21 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-05-13 307400]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 176144]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-05-13 49480]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-05-13 102600]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-05-13 40904]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [2009-05-01 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe [2009-04-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-04-09 359952]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [2009-04-09 26640]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [2009-05-08 606736]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-05-13 153920]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-21 182768]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-05-08 696848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2009-09-21 332272]
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
problém
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém
Zdravím!
Nadpis "Problém" a log RSIT mi celkem nic neřekne o tom, jaký ten problém je. Chcete- li PC vyčistit, spusťte nejprve tuto utilitu:
Nadpis "Problém" a log RSIT mi celkem nic neřekne o tom, jaký ten problém je. Chcete- li PC vyčistit, spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém
Ten Problém se děje tak, že mi tuhne PC a kurzor si dělá co chce, plus samovolné spouštění, přesouvání... měl jsem spuštěné live cd od kaspersky, ale to mi našlo jen win32 trojan/hosts2.gen, který jsem smazal a teď mám s rychlým formátem jak to tak mají ty notebooky, nainstalováno tovarní nastavení. No a MWAV mi nenašel nic.
# AdwCleaner v3.007 - Report created 13/04/2014 at 16:10:32
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Cody - CODY-TOSH
# Running from : C:\Users\Cody\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : Partner Service
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\ProgramData\Partner
File Deleted : C:\Users\Public\Desktop\eBay.lnk
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16385
*************************
AdwCleaner[R0].txt - [2557 octets] - [13/04/2014 15:57:10]
AdwCleaner[S0].txt - [2518 octets] - [13/04/2014 16:10:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2578 octets] ##########
Logfile of random's system information tool 1.09 (written by random/random)
Run by Cody at 2014-04-13 16:23:04
Microsoft Windows 7 Home Premium
System drive C: has 223 GB (94%) free of 238 GB
Total RAM: 1913 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:11, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\PROGRA~2\McAfee.com\Agent\mcagent.exe
C:\PROGRA~2\COMMON~1\mcafee\msc\mcuicnt.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11165 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
"rundll32.exe" "C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll" saHooker_Initialize_and_Wait
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe"
"C:\Program Files (x86)\McAfee\MSK\MskSrver.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe -Embedding
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {A6486938-7FF4-4713-8EC0-501EC8128743}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\PROGRA~2\McAfee.com\Agent\mcagent.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\McAfee\MSC\mcactwiz.dll" oobe starttype=1
"c:\PROGRA~2\mcafee\msc\mcoemmgr.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:316 CREDAT:71937
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:316 CREDAT:71938
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1169751212-3718422233-1856728263-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1169751212-3718422233-1856728263-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AF4ENGG4\RSITx64[1].exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files (x86)\McAfee\MSK\mskapbho64.dll [2009-04-09 337424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-05-13 60224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll [2009-04-09 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll [2009-05-13 62784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2014-04-13 1001936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-06 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-05 497504]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-07-30 134032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-21 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"mcagent_exe"=C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe [2009-05-01 645328]
"TrojanScanner"=C:\Program Files (x86)\Trojan Remover\Trjscan.exe [2014-04-13 1661856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:39:03 ----D---- C:\Users\Cody\AppData\Roaming\Simply Super Software
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:38:48 ----D---- C:\Program Files (x86)\Trojan Remover
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 12:18:53 ----A---- C:\Windows\ntbtlog.txt
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 16:23:11 ----D---- C:\Windows\Temp
2014-04-13 16:17:07 ----D---- C:\Windows\System32
2014-04-13 16:17:07 ----D---- C:\Windows\inf
2014-04-13 16:17:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 16:12:19 ----HD---- C:\ProgramData
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 15:28:30 ----D---- C:\Windows\system32\drivers
2014-04-13 13:03:23 ----SHD---- C:\Windows\Installer
2014-04-13 12:55:53 ----RD---- C:\Program Files (x86)
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:50:09 ----D---- C:\Windows\Tasks
2014-04-13 12:50:09 ----D---- C:\Windows\system32\Tasks
2014-04-13 12:50:03 ----D---- C:\Program Files (x86)\Google
2014-04-13 12:30:56 ----RD---- C:\Program Files
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 12:26:30 ----D---- C:\Program Files (x86)\McAfee
2014-04-13 12:18:53 ----D---- C:\Windows
2014-04-13 11:16:30 ----SD---- C:\ProgramData\Microsoft
2014-04-13 02:20:21 ----D---- C:\ProgramData\McAfee
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:16:37 ----D---- C:\Windows\debug
2014-04-13 02:16:30 ----D---- C:\Windows\system32\catroot2
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:47 ----D---- C:\Windows\Panther
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:08:50 ----D---- C:\Windows\system32\config
2014-04-13 02:06:31 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:26 ----D---- C:\Windows\system32\catroot
2014-04-13 02:06:23 ----D---- C:\Windows\SysWOW64
2014-04-13 02:06:18 ----D---- C:\Windows\Logs
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 02:02:44 ----D---- C:\Windows\winsxs
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
2014-04-13 01:48:21 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-05-13 307400]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 176144]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-05-13 49480]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-05-13 102600]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-05-13 40904]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [2009-05-01 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe [2009-04-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-04-09 359952]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [2009-04-09 26640]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [2009-05-08 606736]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-05-13 153920]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-05-08 696848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
# AdwCleaner v3.007 - Report created 13/04/2014 at 16:10:32
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Cody - CODY-TOSH
# Running from : C:\Users\Cody\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : Partner Service
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\ProgramData\Partner
File Deleted : C:\Users\Public\Desktop\eBay.lnk
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16385
*************************
AdwCleaner[R0].txt - [2557 octets] - [13/04/2014 15:57:10]
AdwCleaner[S0].txt - [2518 octets] - [13/04/2014 16:10:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2578 octets] ##########
Logfile of random's system information tool 1.09 (written by random/random)
Run by Cody at 2014-04-13 16:23:04
Microsoft Windows 7 Home Premium
System drive C: has 223 GB (94%) free of 238 GB
Total RAM: 1913 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:11, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\PROGRA~2\McAfee.com\Agent\mcagent.exe
C:\PROGRA~2\COMMON~1\mcafee\msc\mcuicnt.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11165 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
"rundll32.exe" "C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll" saHooker_Initialize_and_Wait
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe"
"C:\Program Files (x86)\McAfee\MSK\MskSrver.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe"
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe -Embedding
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {A6486938-7FF4-4713-8EC0-501EC8128743}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\PROGRA~2\McAfee.com\Agent\mcagent.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\McAfee\MSC\mcactwiz.dll" oobe starttype=1
"c:\PROGRA~2\mcafee\msc\mcoemmgr.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:316 CREDAT:71937
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:316 CREDAT:71938
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1169751212-3718422233-1856728263-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1169751212-3718422233-1856728263-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AF4ENGG4\RSITx64[1].exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files (x86)\McAfee\MSK\mskapbho64.dll [2009-04-09 337424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-05-13 60224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - C:\Program Files (x86)\McAfee\MSK\MskAPBho.dll [2009-04-09 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll [2009-05-13 62784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2014-04-13 1001936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2009-01-29 194576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-06 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-05 497504]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-07-30 134032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-21 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"mcagent_exe"=C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe [2009-05-01 645328]
"TrojanScanner"=C:\Program Files (x86)\Trojan Remover\Trjscan.exe [2014-04-13 1661856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:39:03 ----D---- C:\Users\Cody\AppData\Roaming\Simply Super Software
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:38:48 ----D---- C:\Program Files (x86)\Trojan Remover
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 12:18:53 ----A---- C:\Windows\ntbtlog.txt
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 16:23:11 ----D---- C:\Windows\Temp
2014-04-13 16:17:07 ----D---- C:\Windows\System32
2014-04-13 16:17:07 ----D---- C:\Windows\inf
2014-04-13 16:17:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 16:12:19 ----HD---- C:\ProgramData
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 15:28:30 ----D---- C:\Windows\system32\drivers
2014-04-13 13:03:23 ----SHD---- C:\Windows\Installer
2014-04-13 12:55:53 ----RD---- C:\Program Files (x86)
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:50:09 ----D---- C:\Windows\Tasks
2014-04-13 12:50:09 ----D---- C:\Windows\system32\Tasks
2014-04-13 12:50:03 ----D---- C:\Program Files (x86)\Google
2014-04-13 12:30:56 ----RD---- C:\Program Files
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 12:26:30 ----D---- C:\Program Files (x86)\McAfee
2014-04-13 12:18:53 ----D---- C:\Windows
2014-04-13 11:16:30 ----SD---- C:\ProgramData\Microsoft
2014-04-13 02:20:21 ----D---- C:\ProgramData\McAfee
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:16:37 ----D---- C:\Windows\debug
2014-04-13 02:16:30 ----D---- C:\Windows\system32\catroot2
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:47 ----D---- C:\Windows\Panther
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:08:50 ----D---- C:\Windows\system32\config
2014-04-13 02:06:31 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:26 ----D---- C:\Windows\system32\catroot
2014-04-13 02:06:23 ----D---- C:\Windows\SysWOW64
2014-04-13 02:06:18 ----D---- C:\Windows\Logs
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 02:02:44 ----D---- C:\Windows\winsxs
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
2014-04-13 01:48:21 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-05-13 307400]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 176144]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-05-13 49480]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-05-13 102600]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-05-13 40904]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [2009-05-01 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe [2009-04-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-04-09 359952]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [2009-04-09 26640]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [2009-05-08 606736]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-05-13 153920]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-05-08 696848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
Doporučuji odinstalovat TrojanScanner.
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Google\GoogleToolbarNotifier
C:\Program Files (x86)\Google\Google Toolbar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Doporučuji odinstalovat TrojanScanner.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém
Logfile of random's system information tool 1.09 (written by random/random)
Run by Cody at 2014-04-13 18:53:07
Microsoft Windows 7 Home Premium
System drive C: has 216 GB (90%) free of 238 GB
Total RAM: 1913 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:12, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Cody\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10239 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
taskeng.exe {ABBA2D81-9138-4C55-ABE3-2A5F68F7ED1B}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000068c
taskeng.exe {D5A600AF-E841-413B-8100-153E7FD3E9CE}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\04132014_184638.log
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Users\Cody\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3512.0.1920847094\1006726099" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3512.2.2090620894\184026258" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3512.4.558366832\696064074" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
wmiadap.exe /F /T /R
"C:\Users\Cody\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 18:46:38 ----D---- C:\_OTM
2014-04-13 18:00:58 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-13 18:00:58 ----A---- C:\Windows\system32\cabview.dll
2014-04-13 18:00:57 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-13 18:00:57 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-13 17:57:26 ----A---- C:\Windows\system32\ff_vfw.dll
2014-04-13 17:57:20 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2014-04-13 17:57:20 ----A---- C:\Windows\system32\lagarith.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\x264vfw64.dll
2014-04-13 17:57:18 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-04-13 17:57:18 ----A---- C:\Windows\system32\unrar64.dll
2014-04-13 17:57:13 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-04-13 17:57:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wups2.dll
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wucltux.dll
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wups.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wudriver.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wuapi.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuapp.exe
2014-04-13 17:51:52 ----D---- C:\Program Files (x86)\VNT
2014-04-13 17:51:48 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-13 17:51:48 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-04-13 17:51:23 ----D---- C:\ProgramData\APN
2014-04-13 17:51:22 ----D---- C:\Users\Cody\AppData\Roaming\Avira
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-04-13 17:49:21 ----D---- C:\Program Files (x86)\Avira
2014-04-13 17:40:34 ----D---- C:\Users\Cody\AppData\Roaming\Nero
2014-04-13 17:36:28 ----D---- C:\Program Files (x86)\Nero
2014-04-13 17:36:21 ----D---- C:\ProgramData\Nero
2014-04-13 17:28:52 ----D---- C:\Program Files\Intel
2014-04-13 17:28:08 ----D---- C:\ProgramData\Package Cache
2014-04-13 17:19:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-13 17:19:22 ----D---- C:\Users\Cody\AppData\Roaming\WinBatch
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\dfshim.dll
2014-04-13 17:13:03 ----D---- C:\ProgramData\Avira
2014-04-13 17:13:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-13 17:12:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-13 17:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-13 17:12:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-13 17:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.ini
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.exe
2014-04-13 16:55:22 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-13 16:54:54 ----D---- C:\Windows\PCHEALTH
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-04-13 16:54:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-13 16:52:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-13 16:52:04 ----D---- C:\Program Files\Microsoft Office
2014-04-13 16:51:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-04-13 16:50:58 ----RHD---- C:\MSOCache
2014-04-13 16:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-13 16:44:34 ----D---- C:\ProgramData\DriverGenius
2014-04-13 16:40:46 ----D---- C:\ProgramData\Ashampoo
2014-04-13 16:40:43 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-13 16:40:35 ----D---- C:\Program Files (x86)\Ashampoo
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 18:53:12 ----D---- C:\Windows\Temp
2014-04-13 18:52:59 ----D---- C:\Windows\System32
2014-04-13 18:52:59 ----D---- C:\Windows\inf
2014-04-13 18:52:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 18:48:47 ----D---- C:\Windows
2014-04-13 18:47:02 ----D---- C:\Windows\system32\config
2014-04-13 18:46:39 ----D---- C:\Windows\Tasks
2014-04-13 18:46:39 ----D---- C:\Program Files (x86)\Google
2014-04-13 18:26:07 ----D---- C:\Windows\system32\catroot2
2014-04-13 18:24:39 ----RD---- C:\Program Files (x86)
2014-04-13 18:23:15 ----D---- C:\Windows\Microsoft.NET
2014-04-13 18:22:48 ----RSD---- C:\Windows\assembly
2014-04-13 18:05:00 ----D---- C:\Windows\winsxs
2014-04-13 18:02:42 ----D---- C:\Windows\system32\catroot
2014-04-13 18:02:32 ----D---- C:\Windows\SysWOW64
2014-04-13 18:02:32 ----D---- C:\Windows\system32\drivers
2014-04-13 18:02:32 ----D---- C:\Windows\system32\cs-CZ
2014-04-13 17:52:16 ----SHD---- C:\Windows\Installer
2014-04-13 17:51:48 ----HD---- C:\ProgramData
2014-04-13 17:43:25 ----D---- C:\Windows\Panther
2014-04-13 17:43:25 ----D---- C:\Windows\Logs
2014-04-13 17:43:25 ----D---- C:\Windows\debug
2014-04-13 17:40:09 ----D---- C:\Windows\Cursors
2014-04-13 17:40:06 ----D---- C:\Windows\system32\Tasks
2014-04-13 17:36:35 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 17:32:30 ----D---- C:\ProgramData\McAfee
2014-04-13 17:32:22 ----RD---- C:\Program Files
2014-04-13 17:32:22 ----D---- C:\Program Files\Common Files
2014-04-13 17:15:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-13 17:15:29 ----D---- C:\Windows\system32\en-US
2014-04-13 17:02:08 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 16:56:11 ----RSD---- C:\Windows\Fonts
2014-04-13 16:55:57 ----D---- C:\Windows\ShellNew
2014-04-13 16:55:46 ----D---- C:\Program Files (x86)\MSBuild
2014-04-13 16:54:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-13 16:54:54 ----SD---- C:\ProgramData\Microsoft
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-13 16:53:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-13 16:52:12 ----A---- C:\Windows\win.ini
2014-04-13 16:34:45 ----D---- C:\Program Files (x86)\Microsoft Works
2014-04-13 16:31:55 ----D---- C:\Windows\system32\restore
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-12-09 84720]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
-----------------EOF-----------------
Run by Cody at 2014-04-13 18:53:07
Microsoft Windows 7 Home Premium
System drive C: has 216 GB (90%) free of 238 GB
Total RAM: 1913 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:12, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Cody\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10239 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
taskeng.exe {ABBA2D81-9138-4C55-ABE3-2A5F68F7ED1B}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000068c
taskeng.exe {D5A600AF-E841-413B-8100-153E7FD3E9CE}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\04132014_184638.log
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Users\Cody\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3512.0.1920847094\1006726099" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3512.2.2090620894\184026258" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3512.4.558366832\696064074" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
wmiadap.exe /F /T /R
"C:\Users\Cody\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 18:46:38 ----D---- C:\_OTM
2014-04-13 18:00:58 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-13 18:00:58 ----A---- C:\Windows\system32\cabview.dll
2014-04-13 18:00:57 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-13 18:00:57 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-13 17:57:26 ----A---- C:\Windows\system32\ff_vfw.dll
2014-04-13 17:57:20 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2014-04-13 17:57:20 ----A---- C:\Windows\system32\lagarith.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\x264vfw64.dll
2014-04-13 17:57:18 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-04-13 17:57:18 ----A---- C:\Windows\system32\unrar64.dll
2014-04-13 17:57:13 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-04-13 17:57:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wups2.dll
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wucltux.dll
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wups.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wudriver.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wuapi.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuapp.exe
2014-04-13 17:51:52 ----D---- C:\Program Files (x86)\VNT
2014-04-13 17:51:48 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-13 17:51:48 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-04-13 17:51:23 ----D---- C:\ProgramData\APN
2014-04-13 17:51:22 ----D---- C:\Users\Cody\AppData\Roaming\Avira
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-04-13 17:49:21 ----D---- C:\Program Files (x86)\Avira
2014-04-13 17:40:34 ----D---- C:\Users\Cody\AppData\Roaming\Nero
2014-04-13 17:36:28 ----D---- C:\Program Files (x86)\Nero
2014-04-13 17:36:21 ----D---- C:\ProgramData\Nero
2014-04-13 17:28:52 ----D---- C:\Program Files\Intel
2014-04-13 17:28:08 ----D---- C:\ProgramData\Package Cache
2014-04-13 17:19:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-13 17:19:22 ----D---- C:\Users\Cody\AppData\Roaming\WinBatch
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\dfshim.dll
2014-04-13 17:13:03 ----D---- C:\ProgramData\Avira
2014-04-13 17:13:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-13 17:12:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-13 17:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-13 17:12:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-13 17:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.ini
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.exe
2014-04-13 16:55:22 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-13 16:54:54 ----D---- C:\Windows\PCHEALTH
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-04-13 16:54:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-13 16:52:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-13 16:52:04 ----D---- C:\Program Files\Microsoft Office
2014-04-13 16:51:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-04-13 16:50:58 ----RHD---- C:\MSOCache
2014-04-13 16:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-13 16:44:34 ----D---- C:\ProgramData\DriverGenius
2014-04-13 16:40:46 ----D---- C:\ProgramData\Ashampoo
2014-04-13 16:40:43 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-13 16:40:35 ----D---- C:\Program Files (x86)\Ashampoo
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 18:53:12 ----D---- C:\Windows\Temp
2014-04-13 18:52:59 ----D---- C:\Windows\System32
2014-04-13 18:52:59 ----D---- C:\Windows\inf
2014-04-13 18:52:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 18:48:47 ----D---- C:\Windows
2014-04-13 18:47:02 ----D---- C:\Windows\system32\config
2014-04-13 18:46:39 ----D---- C:\Windows\Tasks
2014-04-13 18:46:39 ----D---- C:\Program Files (x86)\Google
2014-04-13 18:26:07 ----D---- C:\Windows\system32\catroot2
2014-04-13 18:24:39 ----RD---- C:\Program Files (x86)
2014-04-13 18:23:15 ----D---- C:\Windows\Microsoft.NET
2014-04-13 18:22:48 ----RSD---- C:\Windows\assembly
2014-04-13 18:05:00 ----D---- C:\Windows\winsxs
2014-04-13 18:02:42 ----D---- C:\Windows\system32\catroot
2014-04-13 18:02:32 ----D---- C:\Windows\SysWOW64
2014-04-13 18:02:32 ----D---- C:\Windows\system32\drivers
2014-04-13 18:02:32 ----D---- C:\Windows\system32\cs-CZ
2014-04-13 17:52:16 ----SHD---- C:\Windows\Installer
2014-04-13 17:51:48 ----HD---- C:\ProgramData
2014-04-13 17:43:25 ----D---- C:\Windows\Panther
2014-04-13 17:43:25 ----D---- C:\Windows\Logs
2014-04-13 17:43:25 ----D---- C:\Windows\debug
2014-04-13 17:40:09 ----D---- C:\Windows\Cursors
2014-04-13 17:40:06 ----D---- C:\Windows\system32\Tasks
2014-04-13 17:36:35 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 17:32:30 ----D---- C:\ProgramData\McAfee
2014-04-13 17:32:22 ----RD---- C:\Program Files
2014-04-13 17:32:22 ----D---- C:\Program Files\Common Files
2014-04-13 17:15:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-13 17:15:29 ----D---- C:\Windows\system32\en-US
2014-04-13 17:02:08 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 16:56:11 ----RSD---- C:\Windows\Fonts
2014-04-13 16:55:57 ----D---- C:\Windows\ShellNew
2014-04-13 16:55:46 ----D---- C:\Program Files (x86)\MSBuild
2014-04-13 16:54:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-13 16:54:54 ----SD---- C:\ProgramData\Microsoft
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-13 16:53:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-13 16:52:12 ----A---- C:\Windows\win.ini
2014-04-13 16:34:45 ----D---- C:\Program Files (x86)\Microsoft Works
2014-04-13 16:31:55 ----D---- C:\Windows\system32\restore
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-12-09 84720]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém
Většina položek nebyla smazána. Zkuste to znovu se stejným skriptem a před skenem vypněte antivir.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém
Logfile of random's system information tool 1.09 (written by random/random)
Run by Cody at 2014-04-13 19:37:38
Microsoft Windows 7 Home Premium
System drive C: has 215 GB (90%) free of 238 GB
Total RAM: 1913 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:56, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Cody\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10251 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
taskeng.exe {55187AD2-836A-4762-9B4E-027D53A56985}
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000654
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Users\Cody\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3128.0.1000948891\138178640" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.1.719373906\779939958" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.2.154765342\85454516" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.3.1704050594\1745647455" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.4.217447611\1619582251" /prefetch:673131151
"C:\Users\Cody\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 18:46:38 ----D---- C:\_OTM
2014-04-13 18:00:58 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-13 18:00:58 ----A---- C:\Windows\system32\cabview.dll
2014-04-13 18:00:57 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-13 18:00:57 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-13 17:57:26 ----A---- C:\Windows\system32\ff_vfw.dll
2014-04-13 17:57:20 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2014-04-13 17:57:20 ----A---- C:\Windows\system32\lagarith.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\x264vfw64.dll
2014-04-13 17:57:18 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-04-13 17:57:18 ----A---- C:\Windows\system32\unrar64.dll
2014-04-13 17:57:13 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-04-13 17:57:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wups2.dll
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wucltux.dll
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wups.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wudriver.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wuapi.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuapp.exe
2014-04-13 17:51:52 ----D---- C:\Program Files (x86)\VNT
2014-04-13 17:51:48 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-13 17:51:48 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-04-13 17:51:23 ----D---- C:\ProgramData\APN
2014-04-13 17:51:22 ----D---- C:\Users\Cody\AppData\Roaming\Avira
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-04-13 17:49:21 ----D---- C:\Program Files (x86)\Avira
2014-04-13 17:40:34 ----D---- C:\Users\Cody\AppData\Roaming\Nero
2014-04-13 17:36:28 ----D---- C:\Program Files (x86)\Nero
2014-04-13 17:36:21 ----D---- C:\ProgramData\Nero
2014-04-13 17:28:52 ----D---- C:\Program Files\Intel
2014-04-13 17:28:08 ----D---- C:\ProgramData\Package Cache
2014-04-13 17:19:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-13 17:19:22 ----D---- C:\Users\Cody\AppData\Roaming\WinBatch
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\dfshim.dll
2014-04-13 17:13:03 ----D---- C:\ProgramData\Avira
2014-04-13 17:13:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-13 17:12:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-13 17:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-13 17:12:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-13 17:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.ini
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.exe
2014-04-13 16:55:22 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-13 16:54:54 ----D---- C:\Windows\PCHEALTH
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-04-13 16:54:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-13 16:52:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-13 16:52:04 ----D---- C:\Program Files\Microsoft Office
2014-04-13 16:51:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-04-13 16:50:58 ----RHD---- C:\MSOCache
2014-04-13 16:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-13 16:44:34 ----D---- C:\ProgramData\DriverGenius
2014-04-13 16:40:46 ----D---- C:\ProgramData\Ashampoo
2014-04-13 16:40:43 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-13 16:40:35 ----D---- C:\Program Files (x86)\Ashampoo
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 19:37:55 ----D---- C:\Windows\Temp
2014-04-13 19:36:47 ----D---- C:\Windows\Microsoft.NET
2014-04-13 19:34:23 ----RSD---- C:\Windows\assembly
2014-04-13 19:28:24 ----D---- C:\Windows\System32
2014-04-13 19:28:24 ----D---- C:\Windows\inf
2014-04-13 19:28:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 19:24:47 ----D---- C:\Windows
2014-04-13 19:22:22 ----D---- C:\Windows\system32\config
2014-04-13 18:46:39 ----D---- C:\Windows\Tasks
2014-04-13 18:46:39 ----D---- C:\Program Files (x86)\Google
2014-04-13 18:26:07 ----D---- C:\Windows\system32\catroot2
2014-04-13 18:24:39 ----RD---- C:\Program Files (x86)
2014-04-13 18:05:00 ----D---- C:\Windows\winsxs
2014-04-13 18:02:42 ----D---- C:\Windows\system32\catroot
2014-04-13 18:02:32 ----D---- C:\Windows\SysWOW64
2014-04-13 18:02:32 ----D---- C:\Windows\system32\drivers
2014-04-13 18:02:32 ----D---- C:\Windows\system32\cs-CZ
2014-04-13 17:52:16 ----SHD---- C:\Windows\Installer
2014-04-13 17:51:48 ----HD---- C:\ProgramData
2014-04-13 17:43:25 ----D---- C:\Windows\Panther
2014-04-13 17:43:25 ----D---- C:\Windows\Logs
2014-04-13 17:43:25 ----D---- C:\Windows\debug
2014-04-13 17:40:09 ----D---- C:\Windows\Cursors
2014-04-13 17:40:06 ----D---- C:\Windows\system32\Tasks
2014-04-13 17:36:35 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 17:32:30 ----D---- C:\ProgramData\McAfee
2014-04-13 17:32:22 ----RD---- C:\Program Files
2014-04-13 17:32:22 ----D---- C:\Program Files\Common Files
2014-04-13 17:15:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-13 17:15:29 ----D---- C:\Windows\system32\en-US
2014-04-13 17:02:08 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 16:56:11 ----RSD---- C:\Windows\Fonts
2014-04-13 16:55:57 ----D---- C:\Windows\ShellNew
2014-04-13 16:55:46 ----D---- C:\Program Files (x86)\MSBuild
2014-04-13 16:54:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-13 16:54:54 ----SD---- C:\ProgramData\Microsoft
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-13 16:53:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-13 16:52:12 ----A---- C:\Windows\win.ini
2014-04-13 16:34:45 ----D---- C:\Program Files (x86)\Microsoft Works
2014-04-13 16:31:55 ----D---- C:\Windows\system32\restore
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-12-09 84720]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
-----------------EOF-----------------
Run by Cody at 2014-04-13 19:37:38
Microsoft Windows 7 Home Premium
System drive C: has 215 GB (90%) free of 238 GB
Total RAM: 1913 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:56, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Cody\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10251 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
taskeng.exe {55187AD2-836A-4762-9B4E-027D53A56985}
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000654
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Users\Cody\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3128.0.1000948891\138178640" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.1.719373906\779939958" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.2.154765342\85454516" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.3.1704050594\1745647455" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3128.4.217447611\1619582251" /prefetch:673131151
"C:\Users\Cody\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 18:46:38 ----D---- C:\_OTM
2014-04-13 18:00:58 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-13 18:00:58 ----A---- C:\Windows\system32\cabview.dll
2014-04-13 18:00:57 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-13 18:00:57 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-13 17:57:26 ----A---- C:\Windows\system32\ff_vfw.dll
2014-04-13 17:57:20 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2014-04-13 17:57:20 ----A---- C:\Windows\system32\lagarith.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\x264vfw64.dll
2014-04-13 17:57:18 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-04-13 17:57:18 ----A---- C:\Windows\system32\unrar64.dll
2014-04-13 17:57:13 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-04-13 17:57:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wups2.dll
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wucltux.dll
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wups.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wudriver.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wuapi.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuapp.exe
2014-04-13 17:51:52 ----D---- C:\Program Files (x86)\VNT
2014-04-13 17:51:48 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-13 17:51:48 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-04-13 17:51:23 ----D---- C:\ProgramData\APN
2014-04-13 17:51:22 ----D---- C:\Users\Cody\AppData\Roaming\Avira
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-04-13 17:49:21 ----D---- C:\Program Files (x86)\Avira
2014-04-13 17:40:34 ----D---- C:\Users\Cody\AppData\Roaming\Nero
2014-04-13 17:36:28 ----D---- C:\Program Files (x86)\Nero
2014-04-13 17:36:21 ----D---- C:\ProgramData\Nero
2014-04-13 17:28:52 ----D---- C:\Program Files\Intel
2014-04-13 17:28:08 ----D---- C:\ProgramData\Package Cache
2014-04-13 17:19:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-13 17:19:22 ----D---- C:\Users\Cody\AppData\Roaming\WinBatch
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\dfshim.dll
2014-04-13 17:13:03 ----D---- C:\ProgramData\Avira
2014-04-13 17:13:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-13 17:12:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-13 17:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-13 17:12:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-13 17:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.ini
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.exe
2014-04-13 16:55:22 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-13 16:54:54 ----D---- C:\Windows\PCHEALTH
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-04-13 16:54:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-13 16:52:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-13 16:52:04 ----D---- C:\Program Files\Microsoft Office
2014-04-13 16:51:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-04-13 16:50:58 ----RHD---- C:\MSOCache
2014-04-13 16:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-13 16:44:34 ----D---- C:\ProgramData\DriverGenius
2014-04-13 16:40:46 ----D---- C:\ProgramData\Ashampoo
2014-04-13 16:40:43 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-13 16:40:35 ----D---- C:\Program Files (x86)\Ashampoo
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:30:56 ----D---- C:\rsit
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 19:37:55 ----D---- C:\Windows\Temp
2014-04-13 19:36:47 ----D---- C:\Windows\Microsoft.NET
2014-04-13 19:34:23 ----RSD---- C:\Windows\assembly
2014-04-13 19:28:24 ----D---- C:\Windows\System32
2014-04-13 19:28:24 ----D---- C:\Windows\inf
2014-04-13 19:28:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 19:24:47 ----D---- C:\Windows
2014-04-13 19:22:22 ----D---- C:\Windows\system32\config
2014-04-13 18:46:39 ----D---- C:\Windows\Tasks
2014-04-13 18:46:39 ----D---- C:\Program Files (x86)\Google
2014-04-13 18:26:07 ----D---- C:\Windows\system32\catroot2
2014-04-13 18:24:39 ----RD---- C:\Program Files (x86)
2014-04-13 18:05:00 ----D---- C:\Windows\winsxs
2014-04-13 18:02:42 ----D---- C:\Windows\system32\catroot
2014-04-13 18:02:32 ----D---- C:\Windows\SysWOW64
2014-04-13 18:02:32 ----D---- C:\Windows\system32\drivers
2014-04-13 18:02:32 ----D---- C:\Windows\system32\cs-CZ
2014-04-13 17:52:16 ----SHD---- C:\Windows\Installer
2014-04-13 17:51:48 ----HD---- C:\ProgramData
2014-04-13 17:43:25 ----D---- C:\Windows\Panther
2014-04-13 17:43:25 ----D---- C:\Windows\Logs
2014-04-13 17:43:25 ----D---- C:\Windows\debug
2014-04-13 17:40:09 ----D---- C:\Windows\Cursors
2014-04-13 17:40:06 ----D---- C:\Windows\system32\Tasks
2014-04-13 17:36:35 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 17:32:30 ----D---- C:\ProgramData\McAfee
2014-04-13 17:32:22 ----RD---- C:\Program Files
2014-04-13 17:32:22 ----D---- C:\Program Files\Common Files
2014-04-13 17:15:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-13 17:15:29 ----D---- C:\Windows\system32\en-US
2014-04-13 17:02:08 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 16:56:11 ----RSD---- C:\Windows\Fonts
2014-04-13 16:55:57 ----D---- C:\Windows\ShellNew
2014-04-13 16:55:46 ----D---- C:\Program Files (x86)\MSBuild
2014-04-13 16:54:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-13 16:54:54 ----SD---- C:\ProgramData\Microsoft
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-13 16:53:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-13 16:52:12 ----A---- C:\Windows\win.ini
2014-04-13 16:34:45 ----D---- C:\Program Files (x86)\Microsoft Works
2014-04-13 16:31:55 ----D---- C:\Windows\system32\restore
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:18:01 ----D---- C:\Windows\rescache
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-12-09 84720]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém
Dvouklikem na soubor C:\Program Files\trend micro\Cody.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém
Logfile of random's system information tool 1.09 (written by random/random)
Run by Cody at 2014-04-13 21:49:49
Microsoft Windows 7 Home Premium
System drive C: has 212 GB (89%) free of 238 GB
Total RAM: 1913 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:49:51, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Cody\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9890 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
taskeng.exe {116DE2F7-669D-402E-880C-F5615E35EE18}
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000069c
taskeng.exe {18555A8D-8FF7-4A45-8592-498AC782AF37}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Users\Cody\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3876.0.1840029514\1119721571" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3876.2.815185590\1954485320" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3876.4.1903984366\1715463244" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Cody\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 21:49:49 ----D---- C:\rsit
2014-04-13 21:30:49 ----D---- C:\Program Files (x86)\Trend Micro
2014-04-13 18:00:58 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-13 18:00:58 ----A---- C:\Windows\system32\cabview.dll
2014-04-13 18:00:57 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-13 18:00:57 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-13 17:57:26 ----A---- C:\Windows\system32\ff_vfw.dll
2014-04-13 17:57:20 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2014-04-13 17:57:20 ----A---- C:\Windows\system32\lagarith.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\x264vfw64.dll
2014-04-13 17:57:18 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-04-13 17:57:18 ----A---- C:\Windows\system32\unrar64.dll
2014-04-13 17:57:13 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-04-13 17:57:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wups2.dll
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wucltux.dll
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wups.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wudriver.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wuapi.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuapp.exe
2014-04-13 17:51:52 ----D---- C:\Program Files (x86)\VNT
2014-04-13 17:51:48 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-13 17:51:48 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-04-13 17:51:23 ----D---- C:\ProgramData\APN
2014-04-13 17:51:22 ----D---- C:\Users\Cody\AppData\Roaming\Avira
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-04-13 17:49:21 ----D---- C:\Program Files (x86)\Avira
2014-04-13 17:40:34 ----D---- C:\Users\Cody\AppData\Roaming\Nero
2014-04-13 17:36:28 ----D---- C:\Program Files (x86)\Nero
2014-04-13 17:36:21 ----D---- C:\ProgramData\Nero
2014-04-13 17:28:52 ----D---- C:\Program Files\Intel
2014-04-13 17:28:08 ----D---- C:\ProgramData\Package Cache
2014-04-13 17:19:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-13 17:19:22 ----D---- C:\Users\Cody\AppData\Roaming\WinBatch
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\dfshim.dll
2014-04-13 17:13:03 ----D---- C:\ProgramData\Avira
2014-04-13 17:13:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-13 17:12:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-13 17:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-13 17:12:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-13 17:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.ini
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.exe
2014-04-13 16:55:22 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-13 16:54:54 ----D---- C:\Windows\PCHEALTH
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-04-13 16:54:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-13 16:52:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-13 16:52:04 ----D---- C:\Program Files\Microsoft Office
2014-04-13 16:51:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-04-13 16:50:58 ----RHD---- C:\MSOCache
2014-04-13 16:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-13 16:44:34 ----D---- C:\ProgramData\DriverGenius
2014-04-13 16:40:46 ----D---- C:\ProgramData\Ashampoo
2014-04-13 16:40:43 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-13 16:40:35 ----D---- C:\Program Files (x86)\Ashampoo
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 21:49:50 ----D---- C:\Windows\Temp
2014-04-13 21:40:07 ----D---- C:\Windows\System32
2014-04-13 21:40:07 ----D---- C:\Windows\inf
2014-04-13 21:40:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 21:39:21 ----D---- C:\Windows\system32\config
2014-04-13 21:36:34 ----D---- C:\Windows
2014-04-13 21:30:49 ----SHD---- C:\Windows\Installer
2014-04-13 21:30:49 ----RD---- C:\Program Files (x86)
2014-04-13 20:54:23 ----D---- C:\Windows\rescache
2014-04-13 20:11:17 ----RSD---- C:\Windows\assembly
2014-04-13 20:11:17 ----D---- C:\Windows\Microsoft.NET
2014-04-13 18:46:39 ----D---- C:\Windows\Tasks
2014-04-13 18:46:39 ----D---- C:\Program Files (x86)\Google
2014-04-13 18:26:07 ----D---- C:\Windows\system32\catroot2
2014-04-13 18:05:00 ----D---- C:\Windows\winsxs
2014-04-13 18:02:42 ----D---- C:\Windows\system32\catroot
2014-04-13 18:02:32 ----D---- C:\Windows\SysWOW64
2014-04-13 18:02:32 ----D---- C:\Windows\system32\drivers
2014-04-13 18:02:32 ----D---- C:\Windows\system32\cs-CZ
2014-04-13 17:51:48 ----HD---- C:\ProgramData
2014-04-13 17:43:25 ----D---- C:\Windows\Panther
2014-04-13 17:43:25 ----D---- C:\Windows\Logs
2014-04-13 17:43:25 ----D---- C:\Windows\debug
2014-04-13 17:40:09 ----D---- C:\Windows\Cursors
2014-04-13 17:40:06 ----D---- C:\Windows\system32\Tasks
2014-04-13 17:36:35 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 17:32:30 ----D---- C:\ProgramData\McAfee
2014-04-13 17:32:22 ----RD---- C:\Program Files
2014-04-13 17:32:22 ----D---- C:\Program Files\Common Files
2014-04-13 17:15:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-13 17:15:29 ----D---- C:\Windows\system32\en-US
2014-04-13 17:02:08 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 16:56:11 ----RSD---- C:\Windows\Fonts
2014-04-13 16:55:57 ----D---- C:\Windows\ShellNew
2014-04-13 16:55:46 ----D---- C:\Program Files (x86)\MSBuild
2014-04-13 16:54:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-13 16:54:54 ----SD---- C:\ProgramData\Microsoft
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-13 16:53:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-13 16:52:12 ----A---- C:\Windows\win.ini
2014-04-13 16:34:45 ----D---- C:\Program Files (x86)\Microsoft Works
2014-04-13 16:31:55 ----D---- C:\Windows\system32\restore
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-12-09 84720]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
-----------------EOF-----------------
mimochodem mi ten HJT vyhodil hlášku, kterou jsem přepsal zde:
For some reason your system denied write access to the Host file.If any hijackthis domains are in this file,
Hijackthis may NOT be able to fix this.
If that happens, you need to edit the file yourself. To do this, click Start, Run and type:
notepad C:\Windows\System32\drivers\etc\hosts
and press Enter. Find the(s) HijackThis reports and delete them.
Save the file as'host.' (with quotes), and reboot.
For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.
píšu to sem jelikož tenhle soubor jsem měl právě infikovaný win32 trojan/ hosts2.gen (to jen tak, kdyby pomohlo)
Run by Cody at 2014-04-13 21:49:49
Microsoft Windows 7 Home Premium
System drive C: has 212 GB (89%) free of 238 GB
Total RAM: 1913 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:49:51, on 13.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Cody\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Cody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9890 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
taskeng.exe {116DE2F7-669D-402E-880C-F5615E35EE18}
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000069c
taskeng.exe {18555A8D-8FF7-4A45-8592-498AC782AF37}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Users\Cody\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3876.0.1840029514\1119721571" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,28 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3876.2.815185590\1954485320" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group5 pct:10e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_42/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --disable-accelerated-video-decode --enable-software-compositing --channel="3876.4.1903984366\1715463244" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Cody\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-04-13 346576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []
{41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-09 684600]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-04-13 21:49:49 ----D---- C:\rsit
2014-04-13 21:30:49 ----D---- C:\Program Files (x86)\Trend Micro
2014-04-13 18:00:58 ----A---- C:\Windows\SYSWOW64\cabview.dll
2014-04-13 18:00:58 ----A---- C:\Windows\system32\cabview.dll
2014-04-13 18:00:57 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-04-13 18:00:57 ----A---- C:\Windows\system32\rdpcore.dll
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-04-13 18:00:56 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-04-13 17:57:26 ----A---- C:\Windows\system32\ff_vfw.dll
2014-04-13 17:57:20 ----A---- C:\Windows\SYSWOW64\lagarith.dll
2014-04-13 17:57:20 ----A---- C:\Windows\system32\lagarith.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\SYSWOW64\x264vfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-13 17:57:19 ----A---- C:\Windows\system32\x264vfw64.dll
2014-04-13 17:57:18 ----A---- C:\Windows\SYSWOW64\unrar.dll
2014-04-13 17:57:18 ----A---- C:\Windows\system32\unrar64.dll
2014-04-13 17:57:13 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-04-13 17:57:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wups2.dll
2014-04-13 17:54:54 ----A---- C:\Windows\system32\wuauclt.exe
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wucltux.dll
2014-04-13 17:54:53 ----A---- C:\Windows\system32\wuaueng.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wups.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wudriver.dll
2014-04-13 17:54:32 ----A---- C:\Windows\system32\wuapi.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-04-13 17:54:18 ----A---- C:\Windows\system32\wuapp.exe
2014-04-13 17:51:52 ----D---- C:\Program Files (x86)\VNT
2014-04-13 17:51:48 ----D---- C:\ProgramData\AskPartnerNetwork
2014-04-13 17:51:48 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2014-04-13 17:51:23 ----D---- C:\ProgramData\APN
2014-04-13 17:51:22 ----D---- C:\Users\Cody\AppData\Roaming\Avira
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-04-13 17:49:24 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-04-13 17:49:21 ----D---- C:\Program Files (x86)\Avira
2014-04-13 17:40:34 ----D---- C:\Users\Cody\AppData\Roaming\Nero
2014-04-13 17:36:28 ----D---- C:\Program Files (x86)\Nero
2014-04-13 17:36:21 ----D---- C:\ProgramData\Nero
2014-04-13 17:28:52 ----D---- C:\Program Files\Intel
2014-04-13 17:28:08 ----D---- C:\ProgramData\Package Cache
2014-04-13 17:19:27 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-13 17:19:22 ----D---- C:\Users\Cody\AppData\Roaming\WinBatch
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\PresentationHost.exe
2014-04-13 17:14:17 ----A---- C:\Windows\system32\netfxperf.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\mscoree.dll
2014-04-13 17:14:17 ----A---- C:\Windows\system32\dfshim.dll
2014-04-13 17:13:03 ----D---- C:\ProgramData\Avira
2014-04-13 17:13:03 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-04-13 17:12:43 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-04-13 17:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-04-13 17:12:07 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-04-13 17:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.ini
2014-04-13 17:05:27 ----A---- C:\Windows\AutoKMS.exe
2014-04-13 16:55:22 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-04-13 16:54:54 ----D---- C:\Windows\PCHEALTH
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-04-13 16:54:51 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-13 16:52:32 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-13 16:52:04 ----D---- C:\Program Files\Microsoft Office
2014-04-13 16:51:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-04-13 16:50:58 ----RHD---- C:\MSOCache
2014-04-13 16:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2014-04-13 16:44:34 ----D---- C:\ProgramData\DriverGenius
2014-04-13 16:40:46 ----D---- C:\ProgramData\Ashampoo
2014-04-13 16:40:43 ----A---- C:\Windows\system32\DfSdkBt.exe
2014-04-13 16:40:35 ----D---- C:\Program Files (x86)\Ashampoo
2014-04-13 15:56:59 ----D---- C:\AdwCleaner
2014-04-13 12:48:20 ----D---- C:\ProgramData\Kaspersky Lab
2014-04-13 12:38:48 ----D---- C:\ProgramData\Simply Super Software
2014-04-13 12:30:56 ----D---- C:\Program Files\trend micro
2014-04-13 12:27:31 ----D---- C:\Users\Cody\AppData\Roaming\Google
2014-04-13 02:21:28 ----D---- C:\Users\Cody\AppData\Roaming\Toshiba
2014-04-13 02:19:53 ----D---- C:\Users\Cody\AppData\Roaming\Identities
2014-04-13 02:17:27 ----D---- C:\ProgramData\ToshibaEurope
2014-04-13 02:17:08 ----SD---- C:\Users\Cody\AppData\Roaming\Microsoft
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Media Center Programs
2014-04-13 02:17:08 ----D---- C:\Users\Cody\AppData\Roaming\Macromedia
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Šablony
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Plocha
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Oblíbené položky
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Nabídka Start
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Dokumenty
2014-04-13 02:16:55 ----SHD---- C:\ProgramData\Data aplikací
2014-04-13 02:08:59 ----AD---- C:\Windows\OemDrv
2014-04-13 02:06:44 ----A---- C:\Windows\NDSTray.INI
2014-04-13 02:06:24 ----A---- C:\Windows\system32\drivers\tos_sps64.sys
2014-04-13 02:06:19 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-04-13 02:00:53 ----D---- C:\ProgramData\TOSHIBA
2014-04-13 01:59:51 ----A---- C:\Windows\system32\drivers\PGEffect.sys
2014-04-13 01:58:45 ----D---- C:\Program Files\Synaptics
2014-04-13 01:57:51 ----D---- C:\Windows\SYSWOW64\TSFM
2014-04-13 01:55:54 ----A---- C:\Windows\system32\RTSUSTORicon.dll
2014-04-13 01:52:02 ----A---- C:\Windows\system32\drivers\RTL8187B.sys
2014-04-13 01:52:01 ----D---- C:\Program Files (x86)\Realtek WLAN Driver
2014-04-13 01:50:52 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-04-13 01:50:52 ----D---- C:\Program Files\Realtek
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX1.dat
2014-04-13 01:50:37 ----A---- C:\Windows\system32\drivers\RTEQEX0.dat
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\SRSHP64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RtkApi64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RTCOM64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\RCoInst64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\FMAPO64.dll
2014-04-13 01:50:33 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-04-13 01:50:32 ----HD---- C:\Program Files (x86)\Temp
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAR64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\system32\AERTAC64.dll
2014-04-13 01:50:32 ----A---- C:\Windows\RtlExUpd.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\TSCI.dll
2014-04-13 01:43:14 ----A---- C:\Windows\SYSWOW64\THCI.dll
2014-04-13 01:37:51 ----D---- C:\Windows\SoftwareDistribution
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\x64
2014-04-13 01:36:35 ----D---- C:\Windows\SYSWOW64\Lang
2014-04-13 01:36:31 ----A---- C:\Windows\SYSWOW64\igxpun.exe
2014-04-13 01:36:30 ----D---- C:\Intel
2014-04-13 01:35:57 ----SHD---- C:\$RECYCLE.BIN
2014-04-13 01:31:24 ----SHD---- C:\System Volume Information
2014-04-13 01:31:24 ----ASH---- C:\pagefile.sys
2014-04-13 01:31:24 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 month======
2014-04-13 21:49:50 ----D---- C:\Windows\Temp
2014-04-13 21:40:07 ----D---- C:\Windows\System32
2014-04-13 21:40:07 ----D---- C:\Windows\inf
2014-04-13 21:40:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-13 21:39:21 ----D---- C:\Windows\system32\config
2014-04-13 21:36:34 ----D---- C:\Windows
2014-04-13 21:30:49 ----SHD---- C:\Windows\Installer
2014-04-13 21:30:49 ----RD---- C:\Program Files (x86)
2014-04-13 20:54:23 ----D---- C:\Windows\rescache
2014-04-13 20:11:17 ----RSD---- C:\Windows\assembly
2014-04-13 20:11:17 ----D---- C:\Windows\Microsoft.NET
2014-04-13 18:46:39 ----D---- C:\Windows\Tasks
2014-04-13 18:46:39 ----D---- C:\Program Files (x86)\Google
2014-04-13 18:26:07 ----D---- C:\Windows\system32\catroot2
2014-04-13 18:05:00 ----D---- C:\Windows\winsxs
2014-04-13 18:02:42 ----D---- C:\Windows\system32\catroot
2014-04-13 18:02:32 ----D---- C:\Windows\SysWOW64
2014-04-13 18:02:32 ----D---- C:\Windows\system32\drivers
2014-04-13 18:02:32 ----D---- C:\Windows\system32\cs-CZ
2014-04-13 17:51:48 ----HD---- C:\ProgramData
2014-04-13 17:43:25 ----D---- C:\Windows\Panther
2014-04-13 17:43:25 ----D---- C:\Windows\Logs
2014-04-13 17:43:25 ----D---- C:\Windows\debug
2014-04-13 17:40:09 ----D---- C:\Windows\Cursors
2014-04-13 17:40:06 ----D---- C:\Windows\system32\Tasks
2014-04-13 17:36:35 ----D---- C:\Program Files (x86)\Common Files
2014-04-13 17:32:30 ----D---- C:\ProgramData\McAfee
2014-04-13 17:32:22 ----RD---- C:\Program Files
2014-04-13 17:32:22 ----D---- C:\Program Files\Common Files
2014-04-13 17:15:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-13 17:15:29 ----D---- C:\Windows\system32\en-US
2014-04-13 17:02:08 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 16:56:11 ----RSD---- C:\Windows\Fonts
2014-04-13 16:55:57 ----D---- C:\Windows\ShellNew
2014-04-13 16:55:46 ----D---- C:\Program Files (x86)\MSBuild
2014-04-13 16:54:56 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-13 16:54:54 ----SD---- C:\ProgramData\Microsoft
2014-04-13 16:54:54 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-04-13 16:53:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-13 16:52:12 ----A---- C:\Windows\win.ini
2014-04-13 16:34:45 ----D---- C:\Program Files (x86)\Microsoft Works
2014-04-13 16:31:55 ----D---- C:\Windows\system32\restore
2014-04-13 16:11:20 ----D---- C:\Windows\system32\wdi
2014-04-13 15:31:41 ----D---- C:\Windows\Prefetch
2014-04-13 12:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-13 12:27:22 ----D---- C:\Windows\system32\LogFiles
2014-04-13 02:19:46 ----D---- C:\Toshiba
2014-04-13 02:17:07 ----RD---- C:\Users
2014-04-13 02:16:55 ----D---- C:\Program Files\Windows NT
2014-04-13 02:11:06 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-13 02:09:47 ----D---- C:\Windows\system32\sysprep
2014-04-13 02:09:28 ----D---- C:\Windows\SYSWOW64\sysprep
2014-04-13 02:06:26 ----D---- C:\Windows\system32\DriverStore
2014-04-13 02:06:15 ----D---- C:\Program Files (x86)\TOSHIBA
2014-04-13 02:06:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 02:04:38 ----D---- C:\Program Files\TOSHIBA
2014-04-13 02:04:34 ----D---- C:\Windows\Downloaded Installations
2014-04-13 01:55:36 ----D---- C:\Program Files (x86)\Realtek
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-09 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-09 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-09 108440]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-12-09 84720]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-08-20 446976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-09 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-09 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-09 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-13 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
-----------------EOF-----------------
mimochodem mi ten HJT vyhodil hlášku, kterou jsem přepsal zde:
For some reason your system denied write access to the Host file.If any hijackthis domains are in this file,
Hijackthis may NOT be able to fix this.
If that happens, you need to edit the file yourself. To do this, click Start, Run and type:
notepad C:\Windows\System32\drivers\etc\hosts
and press Enter. Find the(s) HijackThis reports and delete them.
Save the file as'host.' (with quotes), and reboot.
For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.
píšu to sem jelikož tenhle soubor jsem měl právě infikovaný win32 trojan/ hosts2.gen (to jen tak, kdyby pomohlo)
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém
Hosts soubor je systémový. Je to de facto texťák, takže nemůže být infikovaný.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém
pravdu máte, ten infikovaný měl příponu .bak
znamená to, že jsme vyřízení? Žádná další akce, log či něco jiného?
znamená to, že jsme vyřízení? Žádná další akce, log či něco jiného?
-
Rudy
- Site Admin
- Příspěvky: 119536
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém
Pokud AV již nic nehlásí, je to vše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?