Logfile of random's system information tool 1.08 (written by random/random)
Run by Jan Havránek at 2011-04-16 11:34:09
Microsoft Windows 7 Home Premium
System drive C: has 128 GB (27%) free of 466 GB
Total RAM: 4055 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:34:18, on 16.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Miranda IM\miranda32.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jan Havránek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~2\SEARCH~1\SEARCH~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\Jan Havránek\AppData\Local\Browser Plugin\BHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jan Havránek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files (x86)\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14525 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
WLIDSvcM.exe 1200
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-483a7870-57db-4bba-8272-a684d6084a11 -SystemEventPortName:HostProcess-3f87a116-5fa2-41e7-ad6e-7943ad5b7773 -IoCancelEventPortName:HostProcess-36043b14-e18c-4010-959a-189c31e0167d -NonStateChangingEventPortName:HostProcess-37d0c8c3-1120-4586-a31e-b2d7e6574cdb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:64246f59-ac89-4bd7-826d-4476b59ebb37
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm112.cpl,CMICtrlWnd
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=DOCKVIEW
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Miranda IM\miranda32.exe"
taskeng.exe {0B886D21-CB7C-444A-9DEF-03AD43393307}
"c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Xfire\Xfire.exe"
"C:\Program Files (x86)\Xfire\Xfire.exe" C:\Program Files (x86)\Xfire\Xfire.exe/uac 4072
"C:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 5444
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\ehPrivJob.exe /DoReindexSearchRoot
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:11 /Query:3;3;6;Pokračovat v posledním seznamu;29655;-1;;;;0;;;;1;;
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.0430F900.2007494603 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.00443600.2047822514 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.00443480.439578125 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.00443300.1197781409 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.00443180.1787251812 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.00443000.1380886507 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.00443D80.344075747 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.0044AD80.2103486218 /prefetch:3 --ignored=" --type=renderer "
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.0044A900.870610745 /prefetch:3
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jan Havránek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci\1.0_0\npGamePlayLabsPlugin.dll" --lang=cs --plugin-data-dir="C:\Users\Jan Havránek\AppData\Local\Google\Chrome\User Data\Default" --channel=5724.06672A00.1813197841 /prefetch:4
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jan Havránek\AppData\Local\Google\Chrome\User Data\Default\Extensions\noocneohefmdhonidldnlhaainpiomkp\1.12.0.36021_0\lib/cooliris.dll" --lang=cs --plugin-data-dir="C:\Users\Jan Havránek\AppData\Local\Google\Chrome\User Data\Default" --channel=5724.06673E00.1077309951 /prefetch:4
C:\Windows\system32\rundll32.exe "C:\Users\JANHAV~1\AppData\Local\Google\Chrome\APPLIC~1\100648~1.204\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\10.0.648.204\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Jan Havránek\AppData\Local\Google\Chrome\User Data\Default" --channel=5724.06672800.1684729621 /prefetch:4 --flash-broker=5068
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.0046D180.125121785 /prefetch:3
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.08886D80.115947607 /prefetch:3
"C:\Users\Jan Havránek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_9/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/ --channel=5724.087E5780.851987198 /prefetch:3
"F:\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-665727265-469208298-3818899785-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-665727265-469208298-3818899785-1000UA.job
C:\Windows\tasks\HPCeeScheduleForJan Havránek.job
C:\Windows\tasks\PCDRScheduledMaintenance.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2010-08-26 1241552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
SBCONVERT Class - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll [2010-05-19 2447360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
SearchPredictObj Class - C:\PROGRA~2\SEARCH~1\SEARCH~1.DLL [2010-04-14 443880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\Jan Havránek\AppData\Local\Browser Plugin\BHO.dll [2011-03-08 432640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll [2010-05-19 185944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll [2010-05-19 2447360]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2010-08-26 1241552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-09-14 610360]
"PC-Doctor for Windows localizer"=C:\Program Files\PC-Doctor for Windows\localizer.exe [2009-09-17 95728]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-27 500208]
"Cm112Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]
"Google Update"=C:\Users\Jan Havránek\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-12 136176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-26 15026056]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jan Havránek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-10-02 284696]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-12-06 1910152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872 []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files (x86)\Rainmeter\Rainmeter.exe
C:\Users\Jan Havránek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-12-31 52272]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-16 11:34:09 ----D---- C:\rsit
2011-04-16 11:34:09 ----D---- C:\Program Files\trend micro
2011-04-16 11:22:44 ----D---- C:\Program Files (x86)\Trend Micro
2011-04-15 21:55:52 ----D---- C:\Program Files (x86)\Valve
2011-04-15 20:40:41 ----A---- C:\Windows\game.ini
2011-04-15 18:10:24 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-15 18:10:23 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-15 18:10:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-15 18:10:22 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 18:10:22 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 18:10:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-15 18:10:15 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 18:10:13 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 18:10:12 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-15 18:10:12 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-15 18:10:12 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 18:10:10 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 18:10:10 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 18:10:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 18:10:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-15 18:10:08 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 18:10:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-15 18:10:07 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 18:10:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-15 18:10:05 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 18:10:03 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 18:10:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-15 18:09:58 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 18:09:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-15 18:09:57 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 18:09:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-15 18:09:55 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-15 18:09:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-15 18:09:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-15 18:09:55 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 18:09:55 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 18:09:55 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-15 18:09:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-15 18:09:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-15 18:09:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-15 18:09:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-15 18:09:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-15 18:09:54 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 18:09:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-15 18:09:54 ----A---- C:\Windows\system32\ieui.dll
2011-04-15 18:09:54 ----A---- C:\Windows\system32\iertutil.dll
2011-04-15 18:09:54 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 18:09:53 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-15 18:09:53 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-15 18:09:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-15 18:09:53 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-15 18:09:53 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-15 18:09:53 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-15 18:09:45 ----A---- C:\Windows\system32\winload.exe
2011-04-15 18:09:44 ----A---- C:\Windows\system32\winresume.exe
2011-04-15 18:09:44 ----A---- C:\Windows\system32\kdusb.dll
2011-04-15 18:09:44 ----A---- C:\Windows\system32\kdcom.dll
2011-04-15 18:09:44 ----A---- C:\Windows\system32\kd1394.dll
2011-04-15 18:09:43 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-15 18:09:43 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-15 18:09:42 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-15 18:09:42 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-15 18:09:42 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 18:09:42 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 18:09:42 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 18:09:41 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-15 18:09:39 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 18:09:39 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 18:09:39 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 18:09:39 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-08 13:28:58 ----A---- C:\Windows\SYSWOW64\xfcodec.dll
2011-04-08 13:28:58 ----A---- C:\Windows\system32\xfcodec64.dll
2011-04-03 19:40:03 ----D---- C:\Windows\PCHEALTH
2011-04-02 19:56:03 ----D---- C:\Program Files\Microsoft Office
2011-04-02 19:55:08 ----RHD---- C:\MSOCache
2011-03-29 19:36:47 ----D---- C:\Users\Jan Havránek\AppData\Roaming\Rainmeter
2011-03-29 19:36:37 ----D---- C:\Program Files (x86)\Rainmeter
2011-03-28 17:19:18 ----HD---- C:\Windows\msdownld.tmp
2011-03-28 17:19:04 ----D---- C:\Windows\SYSWOW64\directx
2011-03-25 20:53:38 ----D---- C:\Program Files (x86)\City Interactive
2011-03-24 15:38:33 ----D---- C:\Program Files (x86)\DDS Converter 2
2011-03-18 17:54:30 ----D---- C:\Ubisoft Game Launcher
2011-03-18 17:51:41 ----D---- C:\Users\Jan Havránek\AppData\Roaming\PunkBuster
======List of files/folders modified in the last 1 months======
2011-04-16 11:34:09 ----RD---- C:\Program Files
2011-04-16 11:31:18 ----D---- C:\Windows\system32\config
2011-04-16 11:27:31 ----D---- C:\Users\Jan Havránek\AppData\Roaming\Skype
2011-04-16 11:24:04 ----D---- C:\Windows\Temp
2011-04-16 11:23:45 ----D---- C:\Windows\System32
2011-04-16 11:23:45 ----D---- C:\Windows\inf
2011-04-16 11:23:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-16 11:23:18 ----RD---- C:\Program Files (x86)
2011-04-16 11:22:45 ----SHD---- C:\Windows\Installer
2011-04-16 11:22:45 ----SHD---- C:\Config.Msi
2011-04-16 11:22:34 ----SHD---- C:\System Volume Information
2011-04-16 11:16:21 ----RSD---- C:\Windows\assembly
2011-04-16 11:16:21 ----D---- C:\Windows\Microsoft.NET
2011-04-16 11:15:36 ----D---- C:\Windows\debug
2011-04-16 11:15:35 ----D---- C:\Windows
2011-04-16 11:15:32 ----D---- C:\Users\Jan Havránek\AppData\Roaming\Xfire
2011-04-16 11:11:37 ----D---- C:\Users\Jan Havránek\AppData\Roaming\skypePM
2011-04-16 11:10:28 ----D---- C:\Windows\winsxs
2011-04-16 11:10:12 ----D---- C:\ProgramData\NVIDIA
2011-04-16 11:08:19 ----D---- C:\Windows\SysWOW64
2011-04-16 11:08:18 ----D---- C:\Windows\system32\drivers
2011-04-16 11:08:18 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-16 11:08:17 ----D---- C:\Windows\SYSWOW64\migration
2011-04-16 11:08:17 ----D---- C:\Windows\system32\migration
2011-04-16 11:08:17 ----D---- C:\Program Files\Internet Explorer
2011-04-16 11:08:14 ----D---- C:\Windows\system32\Boot
2011-04-16 00:26:55 ----D---- C:\ProgramData\Microsoft Help
2011-04-16 00:25:59 ----D---- C:\Windows\system32\catroot
2011-04-16 00:19:36 ----A---- C:\Windows\system32\MRT.exe
2011-04-15 21:55:33 ----D---- C:\Windows\Prefetch
2011-04-15 21:21:16 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-04-15 20:50:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-04-15 20:38:10 ----D---- C:\Program Files (x86)\Activision
2011-04-15 18:09:32 ----D---- C:\Windows\system32\catroot2
2011-04-15 18:06:11 ----D---- C:\ProgramData\Xfire
2011-04-15 18:04:20 ----D---- C:\Program Files (x86)\Xfire
2011-04-03 19:40:21 ----RSD---- C:\Windows\Fonts
2011-04-03 19:40:04 ----D---- C:\Program Files (x86)\Microsoft Works
2011-04-03 17:44:26 ----D---- C:\Windows\Tasks
2011-04-03 17:44:26 ----D---- C:\Windows\system32\Tasks
2011-04-03 17:33:36 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2011-04-03 14:47:25 ----SD---- C:\Users\Jan Havránek\AppData\Roaming\Microsoft
2011-04-02 19:57:30 ----D---- C:\Program Files (x86)\Microsoft Office
2011-04-02 19:57:28 ----D---- C:\Program Files (x86)\Common Files
2011-04-02 19:57:18 ----SD---- C:\ProgramData\Microsoft
2011-04-02 19:56:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-02 19:56:01 ----D---- C:\Windows\ShellNew
2011-03-30 21:01:21 ----HD---- C:\ProgramData
2011-03-29 17:21:51 ----D---- C:\Users\Jan Havránek\AppData\Roaming\uTorrent
2011-03-29 17:19:21 ----D---- C:\Program Files\CCleaner
2011-03-29 17:17:52 ----D---- C:\Temp
2011-03-29 11:18:08 ----D---- C:\Users\Jan Havránek\AppData\Roaming\HpUpdate
2011-03-29 11:18:08 ----D---- C:\Users\Jan Havránek\AppData\Roaming\HP Support Assistant
2011-03-28 17:53:06 ----D---- C:\Program Files (x86)\LucasArts
2011-03-28 17:15:47 ----D---- C:\Windows\system32\DriverStore
2011-03-22 22:49:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-19 12:22:19 ----D---- C:\Program Files (x86)\Fraps
2011-03-18 18:03:54 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-03-18 18:03:24 ----D---- C:\Users\Jan Havránek\AppData\Roaming\Ubisoft
2011-03-18 17:54:29 ----D---- C:\ProgramData\Ubisoft
2011-03-18 17:37:11 ----D---- C:\Program Files (x86)\Ubisoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-15 834544]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-02-17 228272]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-17 56688]
R3 AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys [2009-11-13 543616]
R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [2009-11-13 39936]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-07 2484072]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 156080]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 175664]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 ahv5keuf;ahv5keuf; C:\Windows\system32\drivers\ahv5keuf.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 cpuz132;cpuz132; \??\C:\Users\JANHAV~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-09-17 23536]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 108072]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 19496]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 145448]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s916mgmt.sys [2007-11-02 130088]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s916obex.sys [2007-11-02 124968]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBADVAU;USB Advance Audio Interface; C:\Windows\system32\drivers\cm11264.sys [2007-11-13 1120768]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 X6va001;X6va001; \??\C:\Users\JANHAV~1\AppData\Local\Temp\001E85F.tmp []
S3 X6va003;X6va003; \??\C:\Users\JANHAV~1\AppData\Local\Temp\003BC2D.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-01-07 1005160]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-03-18 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-04-15 214520]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2010-11-22 718072]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 136176]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Děkuji.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Zdravím, tyhle zbytečnosti fixni v HJT :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... gBQAEEATgA"&"inst=NwA3AC0ANAAwADEAMwAzADMANgA4ADUALQBGAEwAKwA5AC0AWABPADMANgArADEA"&"prod=90"&"ver=9.0.872
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jan Havránek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HJT najdeš zde :
C:\Program Files\trend micro\Jan Havránek.exe
Fix znamená že spustíš HJT
jako admin
v okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Jinak nic špatného nevidím.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60347
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... gBQAEEATgA"&"inst=NwA3AC0ANAAwADEAMwAzADMANgA4ADUALQBGAEwAKwA5AC0AWABPADMANgArADEA"&"prod=90"&"ver=9.0.872
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jan Havránek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HJT najdeš zde :
C:\Program Files\trend micro\Jan Havránek.exe
Fix znamená že spustíš HJT
jako adminv okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Jinak nic špatného nevidím.
Přispějete na provoz fóra?