Pomaly nabiehajuce Win7 po log-in-e

Zpráva

#16 Příspěvek od **Mc_Murphy** » 27 črc 2013 17:05

Máš v Nastavení sítě "Získávat IP adresu automaticky"? Asi bych to tam tak dal.
Jinak IP Googlu jsou 8.8.8.8 a 8.8.4.4. Adresa 192.168.1.1 je většinou IP routeru.

Asi takto, pokud připojení funguje, tak bych se v tom nerýpal a nechal to být.
Případně, pokud budou problémy, poskytovatel by Ti měl říct, jak to máš mít nastaveno.

yozefb · #17 Příspěvek od **yozefb** » 02 srp 2013 21:06

uz dlhsie som sa neozval, spustil som este defraggler a ntb fici jedna radost, on sa celkom rozbehol po odstraneni ad-ware a prvom vycistenti malware.

ak este nieco treba, dajte mi vediet, inak to kludne mozete

#18 Příspěvek od **Mc_Murphy** » 03 srp 2013 07:57

Ano, defragmentace také dělá zázraky.

Mno jestli chceš, můžeme ještě dočistit, myslím si, že tam ještě nějaké malé drobnůstky budou.

Pokud chceš tedy pokračovat, vlož mi sem prosím nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.

yozefb · #19 Příspěvek od **yozefb** » 04 srp 2013 17:55

Logfile of random's system information tool 1.09 (written by random/random)
Run by karol at 2013-08-04 17:55:15
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 42 GB (9%) free of 464 GB
Total RAM: 8103 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:27, on 4. 8. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\karol\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\DVD Decrypter\DVDDecrypter.exe
C:\Program Files\trend micro\karol.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\karol\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3482861-DD81-48FE-9EBD-28976F0A4AAD}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DokanMounter - Unknown owner - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Screen Reading Optimizer Service Program (SROSVC) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15326 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-53d018c9-0e0c-452c-90f4-615c013514f0 -SystemEventPortName:HostProcess-29ec4692-5e88-42df-92c0-c790ed2621f5 -IoCancelEventPortName:HostProcess-aaca8ce3-d3af-4eb3-9302-d027277bd45f -NonStateChangingEventPortName:HostProcess-1eb1759a-7afc-455e-adf6-e27f2e286a49 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5b3a59e2-0700-43ca-8f50-f5a42c4e0157 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24494304
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
\??\C:\Windows\system32\conhost.exe "-3531460925571987271208091431-1429977333171138647814237122051006620754962250426
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11e6d388-8487-476a-b653-b3c7c1f5fc0f -SystemEventPortName:HostProcess-7a7e399e-da2e-463a-a412-73c53f8064a9 -IoCancelEventPortName:HostProcess-9cd051f2-a298-4876-af1e-307acc1284cf -NonStateChangingEventPortName:HostProcess-05493ac1-e020-4d68-b6b4-d7026eb5e002 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9c14c07b-8346-4c07-8419-feb25933b1d3 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
atieclxx
"taskhost.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
taskeng.exe {B6240DE3-3A70-4885-8EFE-E332EC969C12}
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
WLIDSvcM.exe 3092
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log
"C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" -EMBEDDING
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe" -Embedding
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1628.14ff4400.528779727 "C:\Users\karol\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1628 "\\.\pipe\gecko-crash-server-pipe.1628" plugin
"C:\Users\karol\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
"C:\Program Files (x86)\DVD Decrypter\DVDDecrypter.exe" /MODE READ /SOURCE "D:\"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\karol\Downloads\RSITx64(3).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

=========Mozilla firefox=========

ProfilePath - C:\Users\karol\AppData\Roaming\Mozilla\Firefox\Profiles\pr4u9n61.default

prefs.js - "browser.startup.homepage" - "https://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-22 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-22 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"TpShocks"=C:\Windows\SYSTEM32\TpShocks.exe [2011-03-29 380776]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-12-23 2868496]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2011-04-26 310912]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2011-01-27 41320]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"ALCKRESI.EXE"=C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [2011-07-13 281960]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2012-09-07 63376]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\karol\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-18 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^karol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-09 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\SYSTEM32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-07-29 21:01:31 ----D---- C:\Users\karol\AppData\Roaming\Skype
2013-07-29 20:31:09 ----D---- C:\Program Files (x86)\Dokan
2013-07-25 17:51:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-07-25 17:51:48 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-07-25 17:41:08 ----A---- C:\AdwCleaner[S1].txt
2013-07-24 21:22:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-24 21:22:47 ----A---- C:\Windows\system32\DWrite.dll
2013-07-24 21:19:42 ----D---- C:\Windows\ERUNT
2013-07-24 21:12:09 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-24 21:09:21 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-07-24 21:09:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-24 21:09:21 ----A---- C:\Windows\system32\elshyph.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-07-24 21:09:20 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\url.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-07-24 21:09:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-07-24 21:09:19 ----A---- C:\Windows\system32\wininet.dll
2013-07-24 21:09:19 ----A---- C:\Windows\system32\urlmon.dll
2013-07-24 21:09:19 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-24 21:09:19 ----A---- C:\Windows\system32\msrating.dll
2013-07-24 21:09:19 ----A---- C:\Windows\system32\msls31.dll
2013-07-24 21:09:19 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-24 21:09:19 ----A---- C:\Windows\system32\iertutil.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\wextract.exe
2013-07-24 21:09:18 ----A---- C:\Windows\system32\webcheck.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\vbscript.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\url.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\pngfilt.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\occache.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\mshtmled.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\mshtml.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\mshta.exe
2013-07-24 21:09:18 ----A---- C:\Windows\system32\msfeedssync.exe
2013-07-24 21:09:18 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\licmgr10.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\jscript.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\inseng.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\imgutil.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\iexpress.exe
2013-07-24 21:09:18 ----A---- C:\Windows\system32\ieUnatt.exe
2013-07-24 21:09:18 ----A---- C:\Windows\system32\iesetup.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\iernonce.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\iepeers.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\iedkcs32.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\ieapfltr.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\ieapfltr.dat
2013-07-24 21:09:18 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-24 21:09:18 ----A---- C:\Windows\system32\icardie.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\dxtrans.dll
2013-07-24 21:09:18 ----A---- C:\Windows\system32\dxtmsft.dll
2013-07-24 21:09:17 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-07-24 21:09:17 ----A---- C:\Windows\system32\mshtmler.dll
2013-07-24 21:09:17 ----A---- C:\Windows\system32\jscript9.dll
2013-07-24 21:09:17 ----A---- C:\Windows\system32\ieui.dll
2013-07-24 21:09:17 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-24 21:09:17 ----A---- C:\Windows\system32\ieframe.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-24 21:08:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-24 21:08:00 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-07-24 21:08:00 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-07-24 21:08:00 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-07-24 21:08:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-07-24 21:08:00 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-07-24 21:08:00 ----A---- C:\Windows\system32\WMPhoto.dll
2013-07-24 21:08:00 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-07-24 21:07:59 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\UIAnimation.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\FntCache.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\dxgi.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d3d10warp.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d3d10level9.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d3d10core.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d3d10_1.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d3d10.dll
2013-07-24 21:07:59 ----A---- C:\Windows\system32\d2d1.dll
2013-07-24 20:57:27 ----D---- C:\ProgramData\GFI Software
2013-07-22 23:52:13 ----D---- C:\Program Files\Defraggler
2013-07-19 23:54:41 ----D---- C:\Windows\system32\MRT
2013-07-11 22:23:57 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 22:23:56 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 22:23:56 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 22:23:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 22:23:45 ----A---- C:\Windows\system32\win32k.sys
2013-07-03 22:58:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-22 13:24:48 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-22 13:24:43 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-18 20:50:08 ----A---- C:\Windows\system32\drivers\MpFilter.sys
2013-06-14 19:53:50 ----D---- C:\Program Files (x86)\Bluetooth Software Update Tool
2013-06-12 22:56:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 22:56:17 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 22:56:17 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 22:55:57 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 22:55:57 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 22:55:47 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 22:55:47 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 22:55:46 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 22:55:45 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 22:55:45 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 22:55:45 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 22:55:45 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 22:55:45 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 22:55:45 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 22:55:45 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 22:55:41 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 22:55:41 ----A---- C:\Windows\system32\d3d11.dll
2013-06-08 21:48:43 ----D---- C:\ldiag
2013-06-08 20:56:36 ----HD---- C:\Windows\system32\WLANProfiles
2013-06-08 20:55:32 ----D---- C:\Program Files (x86)\Cisco
2013-06-08 20:55:28 ----D---- C:\ProgramData\Intel.sav
2013-06-08 20:53:19 ----D---- C:\ProgramData\Package Cache
2013-06-08 20:49:06 ----D---- C:\Program Files\Common Files\SPBA
2013-06-06 20:57:30 ----HD---- C:\A
2013-06-01 17:42:29 ----D---- C:\Users\karol\AppData\Roaming\TS3Client
2013-06-01 17:41:21 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-05-24 19:33:43 ----D---- C:\Users\karol\AppData\Roaming\Notepad++
2013-05-24 19:29:44 ----D---- C:\rsit
2013-05-24 19:29:44 ----D---- C:\Program Files\trend micro
2013-05-17 00:01:38 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-17 00:01:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-17 00:01:38 ----A---- C:\Windows\system32\cdd.dll
2013-05-17 00:01:09 ----A---- C:\Windows\system32\shell32.dll
2013-05-17 00:01:08 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-17 00:01:08 ----A---- C:\Windows\system32\authui.dll
2013-05-17 00:01:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-17 00:01:05 ----A---- C:\Windows\system32\consent.exe
2013-05-17 00:00:45 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-17 00:00:44 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-17 00:00:44 ----A---- C:\Windows\system32\appinfo.dll
2013-05-17 00:00:23 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-17 00:00:23 ----A---- C:\Windows\system32\wwanprotdim.dll

======List of files/folders modified in the last 3 months======

2013-08-04 17:55:27 ----D---- C:\Windows\Prefetch
2013-08-04 17:55:03 ----D---- C:\Windows\Temp
2013-08-04 17:24:00 ----D---- C:\Users\karol\AppData\Roaming\vlc
2013-08-04 10:24:58 ----D---- C:\Windows\system32\config
2013-08-04 10:20:25 ----D---- C:\Windows\System32
2013-08-04 10:20:25 ----D---- C:\Windows\inf
2013-08-04 10:20:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-04 10:19:29 ----D---- C:\temp
2013-08-04 08:59:33 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-04 08:54:12 ----SHD---- C:\System Volume Information
2013-08-03 00:43:22 ----AD---- C:\ProgramData\TEMP
2013-08-03 00:18:21 ----HD---- C:\ProgramData
2013-08-01 23:51:53 ----SHD---- C:\Windows\Installer
2013-08-01 23:51:53 ----SHD---- C:\Config.Msi
2013-08-01 21:06:45 ----D---- C:\Users\karol\AppData\Roaming\Mozilla
2013-07-30 20:22:30 ----RSD---- C:\Windows\Fonts
2013-07-30 18:35:04 ----D---- C:\Windows\system32\catroot2
2013-07-29 23:00:01 ----D---- C:\ProgramData\Skype
2013-07-29 22:59:57 ----RD---- C:\Program Files (x86)\Skype
2013-07-29 22:59:57 ----D---- C:\Program Files (x86)\Common Files
2013-07-29 20:31:10 ----D---- C:\Windows\SysWOW64
2013-07-29 20:31:10 ----D---- C:\Windows\system32\drivers
2013-07-29 20:31:09 ----RD---- C:\Program Files (x86)
2013-07-25 19:05:33 ----D---- C:\Windows\winsxs
2013-07-25 17:50:39 ----D---- C:\Windows\system32\catroot
2013-07-25 02:54:00 ----D---- C:\Windows\rescache
2013-07-24 21:19:42 ----AD---- C:\Windows
2013-07-24 21:15:05 ----D---- C:\Windows\Panther
2013-07-24 21:12:40 ----D---- C:\Program Files\Internet Explorer
2013-07-24 21:12:40 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-24 21:12:39 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-07-24 21:12:39 ----D---- C:\Windows\SYSWOW64\migration
2013-07-24 21:12:39 ----D---- C:\Windows\SYSWOW64\en-US
2013-07-24 21:12:38 ----D---- C:\Windows\system32\sk-SK
2013-07-24 21:12:38 ----D---- C:\Windows\system32\migration
2013-07-24 21:12:38 ----D---- C:\Windows\system32\en-US
2013-07-24 21:12:38 ----D---- C:\Windows\PolicyDefinitions
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\it-IT
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-07-24 21:12:37 ----D---- C:\Windows\SYSWOW64\el-GR
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\es-ES
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\de-DE
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\da-DK
2013-07-24 21:12:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-07-24 21:12:36 ----D---- C:\Windows\system32\pt-PT
2013-07-24 21:12:36 ----D---- C:\Windows\system32\pt-BR
2013-07-24 21:12:36 ----D---- C:\Windows\system32\it-IT
2013-07-24 21:12:35 ----D---- C:\Windows\system32\zh-TW
2013-07-24 21:12:35 ----D---- C:\Windows\system32\zh-HK
2013-07-24 21:12:35 ----D---- C:\Windows\system32\zh-CN
2013-07-24 21:12:35 ----D---- C:\Windows\system32\tr-TR
2013-07-24 21:12:35 ----D---- C:\Windows\system32\sv-SE
2013-07-24 21:12:35 ----D---- C:\Windows\system32\ru-RU
2013-07-24 21:12:35 ----D---- C:\Windows\system32\pl-PL
2013-07-24 21:12:35 ----D---- C:\Windows\system32\nl-NL
2013-07-24 21:12:35 ----D---- C:\Windows\system32\nb-NO
2013-07-24 21:12:35 ----D---- C:\Windows\system32\ko-KR
2013-07-24 21:12:35 ----D---- C:\Windows\system32\ja-JP
2013-07-24 21:12:35 ----D---- C:\Windows\system32\hu-HU
2013-07-24 21:12:35 ----D---- C:\Windows\system32\fr-FR
2013-07-24 21:12:35 ----D---- C:\Windows\system32\fi-FI
2013-07-24 21:12:35 ----D---- C:\Windows\system32\es-ES
2013-07-24 21:12:35 ----D---- C:\Windows\system32\el-GR
2013-07-24 21:12:35 ----D---- C:\Windows\system32\de-DE
2013-07-24 21:12:35 ----D---- C:\Windows\system32\da-DK
2013-07-24 21:12:35 ----D---- C:\Windows\system32\cs-CZ
2013-07-24 21:11:32 ----D---- C:\Windows\Logs
2013-07-24 21:03:41 ----SD---- C:\ProgramData\Microsoft
2013-07-24 21:03:41 ----D---- C:\Program Files (x86)\Microsoft
2013-07-24 21:00:35 ----D---- C:\Program Files (x86)\Ad-Aware Antivirus
2013-07-24 21:00:34 ----D---- C:\Windows\SYSWOW64\drivers
2013-07-22 23:52:13 ----D---- C:\Program Files
2013-07-20 22:32:57 ----D---- C:\Users\karol\AppData\Roaming\Adobe
2013-07-20 00:15:41 ----D---- C:\Program Files\Microsoft Security Client
2013-07-20 00:15:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-19 22:49:10 ----D---- C:\Program Files\Adobe
2013-07-19 22:08:12 ----D---- C:\Windows\Microsoft.NET
2013-07-19 22:08:11 ----RSD---- C:\Windows\assembly
2013-07-13 18:12:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-13 18:12:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 23:52:54 ----D---- C:\Program Files\Windows Defender
2013-07-12 23:52:54 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 23:52:53 ----D---- C:\Program Files\Windows Journal
2013-07-12 20:53:16 ----D---- C:\ProgramData\Microsoft Help
2013-07-12 20:41:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-10 20:18:45 ----D---- C:\ProgramData\Sony Ericsson
2013-07-10 20:18:44 ----D---- C:\Program Files (x86)\Sony Ericsson
2013-07-06 20:33:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-23 23:57:12 ----A---- C:\Windows\system32\MRT.exe
2013-06-23 23:13:13 ----D---- C:\Windows\system32\wdi
2013-06-23 00:45:00 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-22 13:24:35 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-22 13:24:35 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-22 13:24:35 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-22 13:24:34 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-22 13:24:32 ----D---- C:\Program Files (x86)\Java
2013-06-08 22:06:54 ----D---- C:\video
2013-06-08 21:40:40 ----D---- C:\Program Files\Lenovo
2013-06-08 21:38:48 ----D---- C:\Windows\Downloaded Installations
2013-06-08 21:06:00 ----D---- C:\Windows\system32\drivers\UMDF
2013-06-08 21:06:00 ----D---- C:\Program Files\ThinkVantage Fingerprint Software
2013-06-08 20:57:45 ----D---- C:\Program Files\Common Files\Lenovo
2013-06-08 20:56:53 ----D---- C:\Windows\system32\DriverStore
2013-06-08 20:56:44 ----D---- C:\Program Files\Intel
2013-06-08 20:55:32 ----D---- C:\Program Files (x86)\Intel
2013-06-08 20:54:32 ----D---- C:\ProgramData\Intel
2013-06-08 20:49:20 ----D---- C:\Windows\system32\WinBioPlugIns
2013-06-08 20:49:06 ----D---- C:\Program Files\Common Files
2013-05-17 23:36:40 ----D---- C:\Windows\AppPatch
2013-05-17 22:39:59 ----D---- C:\Users\karol\AppData\Roaming\Lenovo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2012-02-01 31872]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2011-03-29 139888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-08 530488]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2011-03-29 23664]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2011-07-08 32104]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2012-01-23 14960]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 120408]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 10857984]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-08 328704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-02-13 163808]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-03-24 85504]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2012-12-05 42824]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-12-13 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-04-19 25528]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2013-01-29 50800]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-27 40248]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-12-23 412432]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-30 40248]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-02-13 163808]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-10-17 437288]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-10-17 146984]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-10-17 164392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-10-17 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-10-17 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-03-24 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-03-24 13952]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-10-14 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-10-14 27176]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-03-24 94208]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-03-24 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-03-24 196608]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-04-19 35256]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [2011-06-27 25584]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [2009-08-08 23112]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2012-09-07 133008]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2012-09-07 272272]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-02-13 770528]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-10-17 970016]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DokanMounter;DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2012-12-05 60272]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2011-01-27 40808]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2012-08-24 127072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-01-27 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-02-08 70136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 SROSVC;Screen Reading Optimizer Service Program; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2012-03-05 446800]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2010-08-31 1028096]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2012-12-18 127120]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2012-12-04 125504]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [2011-08-18 1492280]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03 136176]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-11-18 144448]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-01-08 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-01-23 89152]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-01-23 175168]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [2008-09-18 93848]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2013-04-11 22376]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2011-03-29 47728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#20 Příspěvek od **Mc_Murphy** » 05 srp 2013 12:42

Fixni v HJT níže uvedené položky.

Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
Položky, které v seznamu nenajdeš, prostě přeskoč.
HJT najdeš zde: C:\Program Files\trend micro\karol.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš operační systém Windows Vista či Windows 7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[clearallrestorepoints]
[resethosts]
[purity]
[emptytemp]
[emptyflash]
[emptyjava]

:Services
AdobeARMservice
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
gusvc
SkypeUpdate

:Files
C:\Program Files (x86)\Ad-Aware Antivirus
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\AdwCleaner[S1].txt

:Reg
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LENOVO.TPKNRRES"=-
"HotKeysCmds"=-
"Persistence"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^karol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"Adobe ARM"=-
"StartCCC"=-
"SunJavaUpdateSched"=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

yozefb · #21 Příspěvek od **yozefb** » 15 srp 2013 10:42

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jozef&Michaela
->Temp folder emptied: 117623030 bytes
->Temporary Internet Files folder emptied: 312790776 bytes
->Java cache emptied: 459517 bytes
->FireFox cache emptied: 245619590 bytes
->Google Chrome cache emptied: 434768376 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 60473 bytes

User: karol
->Temp folder emptied: 438943871 bytes
->Temporary Internet Files folder emptied: 639543272 bytes
->Java cache emptied: 6333358 bytes
->FireFox cache emptied: 466472386 bytes
->Google Chrome cache emptied: 133047392 bytes
->Flash cache emptied: 64942 bytes

User: Michaela
->Temp folder emptied: 551040084 bytes
->Temporary Internet Files folder emptied: 227590715 bytes
->Java cache emptied: 14871 bytes
->FireFox cache emptied: 983928860 bytes
->Google Chrome cache emptied: 103634130 bytes
->Flash cache emptied: 79807 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 107200 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 467294572 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50528 bytes
RecycleBin emptied: 37234651 bytes

Total Files Cleaned = 4 927,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jozef&Michaela
->Flash cache emptied: 0 bytes

User: karol
->Flash cache emptied: 0 bytes

User: Michaela
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jozef&Michaela
->Java cache emptied: 0 bytes

User: karol
->Java cache emptied: 0 bytes

User: Michaela
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\WDBF folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\Staging folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\LKGD folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus\Definitions folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP60FF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6633.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFBEB.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFFD1.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP138C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP338E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5AEC.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D1D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6EDE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP879B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8C73.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP90CD.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA539.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB099.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD412.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD48D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDBA2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE39A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPECD9.tmp folder moved successfully.
C:\Windows\Installer\MSI1959.tmp moved successfully.
C:\Windows\Installer\MSI8D9B.tmp moved successfully.
C:\Windows\Installer\MSIB05C.tmp moved successfully.
C:\Windows\Installer\MSIC245.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\48bdda4dd935f4dbc90901be08b8296e\BIT625A.tmp moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004UA.job moved successfully.
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job moved successfully.
C:\Windows\tasks\SystemToolsDailyTest.job moved successfully.
C:\AdwCleaner[S1].txt moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LENOVO.TPKNRRES not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HotKeysCmds not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Persistence not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^karol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08152013_111147

Files\Folders moved on Reboot...
C:\Users\karol\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#22 Příspěvek od **Mc_Murphy** » 15 srp 2013 14:49

OK, OTL provedlo, co mělo a kromě jiného vysypalo téměř 5 GB bordýlku.

Jak je na tom počítač teď? Můžu po sobě uklidit a hotovo?

yozefb · #23 Příspěvek od **yozefb** » 20 srp 2013 18:59

dakujem, pocitac ide omnho lepsie ako predtym

#24 Příspěvek od **Mc_Murphy** » 20 srp 2013 19:03

OK, to rád čtu.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stáhni a spusť.
Pokud používáš operační systém Windows Vista či Windows 7, klikni na T-Cleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce!
Pro potvrzení volby mačkej A, Enter.
Po použití utilitu smaž ručně.
Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir)!

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž ručně.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

#25 Příspěvek od **Mc_Murphy** » 09 zář 2013 13:20

Zde to tedy uzamknu.

VIRY.CZ

Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e

Re: Pomaly nabiehajuce Win7 po log-in-e