Ahoj ahoj ahoj ...
Po nějaké větší aktualizaci OS se kamarádovi totálně zasekal NTB.
Procesor nebyl nijak extra vytížený, ale NTB ragoval pomalu a trhaně, zkoušel nějaké odinstalace posledního SW a aktualizací, ale nepomohlo to ...
Já jsem vrátil NTB "zpátky v čase" díky bodu obnovení co tam měl a zdá se to být zase OK, ale pro jistotu, můžete nám to projít, jestli tam něco nestraší?
Předem velké DÍKY!
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2013-09-09 10:26:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 16 GB (10%) free of 162 GB
Total RAM: 7889 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:17, on 9.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\inf\msehygk\msehygk.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - mscoree.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [MobileAccess] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe -silentExitIfNotFirst
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GPULoader] "C:\Program Files (x86)\VLC Player GPU+\GPULog.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD871C4D-4F7C-46AA-8F93-4BC2D91CC1F1}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Macheen Service (MacheenService) - Macheen - C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 15763 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c175fe5d-ccf1-44f5-8ac9-0b73aff69b6f -SystemEventPortName:HostProcess-9369f91f-034a-4a28-aef2-8d6cd10368a5 -IoCancelEventPortName:HostProcess-967878b2-b4e1-4c32-ac4e-d2a2d4dd7029 -NonStateChangingEventPortName:HostProcess-cfd75196-b8a5-4e44-85da-022569874eea -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8228bf83-0183-467d-8713-9abfa6887ea5 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b3b423bb-c2d1-42a9-b8e6-33acea1642c5 -SystemEventPortName:HostProcess-648c781a-e6ed-4421-ace2-526fc3220742 -IoCancelEventPortName:HostProcess-f5c560b0-8ca7-46d2-816e-787587a77539 -NonStateChangingEventPortName:HostProcess-3726dc9c-1583-4581-8eaa-7af985157d26 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e51b7c25-38a2-472c-b114-4f164193912e -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 3593472
\??\C:\Windows\system32\conhost.exe "782521533-20688038821086034063552996404-17925531507340764201664764259-430240729
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
WLIDSvcM.exe 2860
taskeng.exe {FD524DB0-9B9D-4BBA-AFAE-2F11D9C8682C}
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe" -silentExitIfNotFirst
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\inf\msehygk\msehygk.exe -o stratum+tcp://mint.bitminter.com:3333 -u pastan_protein -p worker
\??\C:\Windows\system32\conhost.exe "2754204891732655311080671210782810052-1614802715-725159563-1854587935-1298118539
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe" /start
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
taskeng.exe {A4282FE9-A307-4E33-AECA-1111A389B379}
"C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe102_ Global\UsGthrCtrlFltPipeMssGthrPipe102 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Jirka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\gz9api0t.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-23 254032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19 2443376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-23 192592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19 2109040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f}]
Shopping Suggestion. - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-23 254032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-23 192592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-20 13192848]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-17 1215632]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2013-02-12 382248]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-01-28 293672]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-02-19 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-02-19 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-02-19 441152]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe []
"AutoKMS"=C:\Windows\AutoKMS.exe [2013-07-29 446258]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-11-21 39408]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcWin7Hlpr]
C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH]
C:\Users\Jirka\AppData\Roaming\LTC\videoplayerupdate16.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-02-28 133400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-10-13 1088424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-03-18 448736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-11-21 39408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-31 55808]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-19 291608]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-07-14 4351712]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-07-25 508656]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2013-01-17 267792]
"MobileAccess"=C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [2013-04-17 155864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"GPULoader"=C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [2013-07-07 935424]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-02-19 441856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ACGina
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2013-09-09 10:26:09 ----D---- C:\rsit
2013-09-09 10:26:09 ----D---- C:\Program Files\trend micro
2013-09-05 22:10:58 ----D---- C:\Program Files (x86)\ESET
2013-09-05 21:34:42 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-09-04 21:54:46 ----A---- C:\Windows\system32\RtkAPO64.dll
2013-09-04 21:54:46 ----A---- C:\Windows\system32\RTCOM64.dll
2013-09-04 21:54:45 ----A---- C:\Windows\system32\R4EEL64A.dll
2013-09-04 21:54:45 ----A---- C:\Windows\system32\R4EED64A.dll
2013-09-04 21:54:44 ----A---- C:\Windows\system32\FMAPO64.dll
2013-09-04 21:51:11 ----D---- C:\ProgramData\Intel.sav
2013-09-04 21:46:30 ----D---- C:\Users\Jirka\AppData\Roaming\LSC
2013-09-04 21:45:41 ----A---- C:\Windows\SYSWOW64\SynTPCOM.dll
2013-09-04 21:45:41 ----A---- C:\Windows\SYSWOW64\SynCOM.dll
2013-09-04 21:45:41 ----A---- C:\Windows\system32\SETA493.tmp
2013-09-04 21:45:41 ----A---- C:\Windows\system32\SET9C38.tmp
2013-09-04 21:45:41 ----A---- C:\Windows\system32\drivers\SynTP.sys
2013-09-04 21:45:40 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2013-09-01 21:14:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-01 21:14:44 ----A---- C:\Windows\system32\ieui.dll
2013-09-01 21:14:43 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-01 21:14:43 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-01 21:14:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-01 21:14:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-01 21:14:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-01 21:14:43 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-01 21:14:43 ----A---- C:\Windows\system32\iesetup.dll
2013-09-01 21:14:43 ----A---- C:\Windows\system32\iernonce.dll
2013-09-01 21:14:43 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-01 21:14:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-01 21:14:42 ----A---- C:\Windows\system32\iertutil.dll
2013-09-01 21:14:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-01 21:14:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-01 21:14:41 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-01 21:14:41 ----A---- C:\Windows\system32\jscript9.dll
2013-09-01 21:14:41 ----A---- C:\Windows\system32\jscript.dll
2013-09-01 21:14:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-01 21:14:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-01 21:14:40 ----A---- C:\Windows\system32\urlmon.dll
2013-09-01 21:14:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-01 21:14:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-01 21:14:39 ----A---- C:\Windows\system32\wininet.dll
2013-09-01 21:14:39 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-01 21:14:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-01 21:14:37 ----A---- C:\Windows\system32\mshtml.dll
2013-09-01 21:14:37 ----A---- C:\Windows\system32\ieframe.dll
2013-09-01 21:14:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-01 21:09:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-01 21:09:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-01 21:09:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-01 21:09:04 ----A---- C:\Windows\system32\ntdll.dll
2013-09-01 21:09:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-01 21:09:03 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-01 21:09:03 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-01 21:09:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-01 21:09:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-01 21:09:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-01 21:09:03 ----A---- C:\Windows\system32\wow64.dll
2013-09-01 21:09:02 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-09-01 21:09:02 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-09-01 21:09:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-09-01 21:09:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-09-01 21:09:01 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-09-01 21:09:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-09-01 21:09:01 ----A---- C:\Windows\system32\wintrust.dll
2013-09-01 21:09:01 ----A---- C:\Windows\system32\cryptsvc.dll
2013-09-01 21:09:01 ----A---- C:\Windows\system32\cryptnet.dll
2013-09-01 21:09:01 ----A---- C:\Windows\system32\crypt32.dll
2013-09-01 21:08:59 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-09-01 21:08:59 ----A---- C:\Windows\system32\tzres.dll
2013-09-01 21:08:58 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-09-01 21:08:58 ----A---- C:\Windows\system32\rpcrt4.dll
2013-09-01 21:08:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-09-01 21:08:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-21 15:34:46 ----D---- C:\Windows\Offline Address Books
2013-08-19 23:34:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-09-09 10:26:17 ----D---- C:\Windows\Prefetch
2013-09-09 10:26:09 ----RD---- C:\Program Files
2013-09-09 10:25:21 ----D---- C:\Windows\Temp
2013-09-09 10:20:41 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2013-09-09 09:19:14 ----D---- C:\Windows\system32\config
2013-09-09 08:36:45 ----SHD---- C:\System Volume Information
2013-09-09 08:28:23 ----HD---- C:\ProgramData
2013-09-09 08:28:17 ----A---- C:\Windows\WebUpdateSvc4.INI
2013-09-07 21:44:05 ----A---- C:\Windows\SYSWOW64\log.txt
2013-09-07 09:13:12 ----A---- C:\QcOSD.txt
2013-09-06 01:22:54 ----D---- C:\Windows\System32
2013-09-06 01:22:54 ----D---- C:\Windows\inf
2013-09-06 01:22:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-06 01:18:11 ----D---- C:\Windows
2013-09-06 01:17:37 ----D---- C:\Windows\Tasks
2013-09-06 01:17:37 ----D---- C:\Windows\system32\wfp
2013-09-06 01:17:36 ----D---- C:\Windows\system32\wbem
2013-09-06 01:17:19 ----HD---- C:\Windows\system32\WLANProfiles
2013-09-06 01:17:19 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-09-06 01:17:19 ----D---- C:\Windows\SysWOW64
2013-09-06 01:17:19 ----D---- C:\Windows\system32\Tasks
2013-09-06 01:17:18 ----D---- C:\Windows\system32\NDF
2013-09-06 01:17:18 ----D---- C:\Windows\system32\DriverStore
2013-09-06 01:17:17 ----SHD---- C:\Windows\Installer
2013-09-06 01:17:17 ----RSD---- C:\Windows\Media
2013-09-06 01:17:17 ----RSD---- C:\Windows\assembly
2013-09-06 01:17:17 ----D---- C:\Windows\system32\drivers\UMDF
2013-09-06 01:17:17 ----D---- C:\Windows\system32\drivers
2013-09-06 01:17:17 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-06 01:17:17 ----D---- C:\Windows\system32\catroot2
2013-09-06 01:17:17 ----D---- C:\Windows\system32\catroot
2013-09-06 01:17:17 ----D---- C:\Windows\security
2013-09-06 01:17:17 ----D---- C:\Users\Jirka\AppData\Roaming\Intel
2013-09-06 01:17:15 ----D---- C:\ProgramData\Tarma Installer
2013-09-06 01:17:15 ----D---- C:\ProgramData\Lenovo
2013-09-06 01:17:15 ----D---- C:\ProgramData\Intel
2013-09-06 01:17:15 ----D---- C:\Program Files\ThinkPad
2013-09-06 01:17:15 ----D---- C:\Program Files\Synaptics
2013-09-06 01:17:15 ----D---- C:\Program Files\Lenovo
2013-09-06 01:17:14 ----RD---- C:\Program Files (x86)
2013-09-06 01:17:14 ----D---- C:\Program Files\Intel
2013-09-06 01:17:14 ----D---- C:\Program Files\Google
2013-09-06 01:17:14 ----D---- C:\Program Files\Common Files\Lenovo
2013-09-06 01:17:14 ----D---- C:\Program Files\Common Files\Intel
2013-09-06 01:17:14 ----D---- C:\Program Files (x86)\ThinkPad
2013-09-06 01:17:14 ----D---- C:\Program Files (x86)\SugarSync
2013-09-06 01:17:14 ----D---- C:\Program Files (x86)\Mobile Broadband drivers
2013-09-06 01:17:14 ----D---- C:\Program Files (x86)\Lenovo
2013-09-06 01:17:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-06 01:17:13 ----D---- C:\Program Files (x86)\Intel
2013-09-06 01:17:12 ----D---- C:\Program Files (x86)\Google
2013-09-06 01:17:12 ----D---- C:\Program Files (x86)\Dolby Home Theater v4
2013-09-06 01:17:12 ----D---- C:\Program Files (x86)\Cisco
2013-09-06 01:17:10 ----D---- C:\Windows\registration
2013-09-06 01:16:57 ----SD---- C:\ProgramData\Microsoft
2013-09-06 01:00:00 ----D---- C:\ProgramData\Roaming
2013-09-04 21:55:10 ----HD---- C:\Program Files (x86)\Temp
2013-09-04 21:46:52 ----SHD---- C:\Config.Msi
2013-09-04 21:46:15 ----D---- C:\Windows\Downloaded Installations
2013-09-04 00:05:35 ----D---- C:\Users\Jirka\AppData\Roaming\LTC
2013-09-02 23:36:49 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2013-09-02 00:25:29 ----D---- C:\Windows\rescache
2013-09-01 23:16:25 ----D---- C:\Windows\Microsoft.NET
2013-09-01 21:18:23 ----D---- C:\Windows\winsxs
2013-09-01 21:17:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-01 21:17:22 ----D---- C:\Windows\system32\cs-CZ
2013-09-01 21:17:22 ----D---- C:\Windows\AppPatch
2013-09-01 21:17:22 ----D---- C:\Program Files\Internet Explorer
2013-09-01 21:17:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-01 21:12:50 ----D---- C:\Windows\system32\MRT
2013-09-01 21:09:52 ----A---- C:\Windows\system32\MRT.exe
2013-08-30 08:54:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-27 16:08:15 ----D---- C:\Windows\ModemLogs
2013-08-20 22:57:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-16 08:30:36 ----D---- C:\Windows\system32\wdi
2013-08-14 08:06:25 ----D---- C:\Program Files (x86)\VLC Player GPU+
2013-08-12 13:45:58 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 DzHDD64;DzHDD64; C:\Windows\System32\DRIVERS\DzHDD64.sys [2013-01-10 29512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2012-05-30 569152]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-19 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2012-07-23 148328]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2011-12-29 25416]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2012-03-27 33344]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2013-01-10 20328]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 5U877;5U877; C:\Windows\system32\DRIVERS\5U877.sys [2012-03-28 216704]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 360624]
R3 ecnssndis; Mobile Broadband Driver; C:\Windows\System32\Drivers\wwuss64.sys [2011-10-05 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\Windows\System32\Drivers\wwussf64.sys [2011-10-05 29736]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-04-28 44800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-02-19 9000256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-21 4106256]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-19 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-19 789272]
R3 l36wgps; Mobile Broadband GPS Port; C:\Windows\system32\DRIVERS\l36wgps64.sys [2012-03-01 103184]
R3 Mbm3CBus;H5321 gw Mobile Broadband Device (WDM); C:\Windows\system32\DRIVERS\Mbm3CBus.sys [2011-08-23 419400]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM); C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [2011-08-23 430664]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [2011-08-23 19528]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [2011-08-23 483400]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-26 40248]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-05-29 44784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-05-29 460528]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-29 40248]
R3 tvtvcamd;Camera Plus (VGA Resolution Maximum); C:\Windows\system32\DRIVERS\tvtvcamd.sys [2011-12-08 27432]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-04-01 163368]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-12-08 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-04-01 594472]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-04-01 184872]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-03-05 210984]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-05 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-26 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-26 27760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-06-11 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-06-11 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2013-01-03 78336]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-06-11 9216]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-06-11 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2012-04-01 957216]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-04-28 61224]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-01-28 58664]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2012-08-24 127072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-01-28 61736]
R2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2013-01-28 188200]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-10 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 MacheenService;Macheen Service; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [2013-04-17 32480]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-12 193824]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2012-09-07 145808]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2012-12-04 125504]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2008-01-10 61440]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
R2 VIPAppService;VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-19 84080]
R3 Blackberry Device Manager;BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-01-18 577536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-21 136176]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-05-30 144992]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-02-19 276288]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2013-01-10 320576]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-14 1432400]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-21 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-24 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2013-06-26 22376]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2011-12-29 49480]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu po navrácení k bodu obnovení
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu po navrácení k bodu obnovení
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013
Ran by Jirka (administrator) on JIRKA-THINK on 09-09-2013 12:42:59
Running from C:\Users\Jirka\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
() C:\Windows\inf\msehygk\msehygk.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [293672 2013-01-28] (Lenovo Group Limited)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [446258 2013-07-29] ()
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [] -
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-21] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: []
MountPoints2: {ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} - D:\Startme.exe
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6000936 2013-01-10] (Lenovo Group Limited)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [MobileAccess] - C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155864 2013-04-17] (Lenovo)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GPULoader] - C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [935424 2013-07-07] ()
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKU\Default\...\RunOnce: [] -
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKU\Default User\...\RunOnce: [] -
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 91.187.32.2 192.168.1.1
Tcpip\..\Interfaces\{CD871C4D-4F7C-46AA-8F93-4BC2D91CC1F1}: [NameServer]93.153.117.1 93.153.117.33
FireFox:
========
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\gz9api0t.default
FF user.js: detected! => C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\gz9api0t.default\user.js
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\
Chrome:
=======
CHR Extension: (Docs) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Shopping Suggestion) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbpjlaagejfakeobljhgplbgklgemll\1.0.0_0
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-01-10] (Lenovo.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [188200 2013-01-28] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [32480 2013-04-17] (Macheen)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [688024 2012-05-31] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-23] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-23] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-23] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-23] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 PHCORE; C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [33344 2012-03-27] (Lenovo Group Limited)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2012-04-27] (Ericsson AB)
S3 intaud_WaveExtensible; system32\drivers\intelaud.sys [x]
S3 iwdbus; system32\DRIVERS\iwdbus.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 12:41 - 2013-09-09 12:41 - 00000000 ____D C:\Users\Jirka\AppData\Local\qb11E52864.EE
2013-09-09 12:41 - 2013-09-08 23:29 - 01948948 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2013-09-09 10:33 - 2013-09-09 10:33 - 00047018 _____ C:\Users\Jirka\Documents\info Svoboda NTB.txt
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\rsit
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 10:23 - 2013-09-09 10:23 - 00935175 _____ C:\Users\Jirka\Downloads\RSITx64.exe
2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 21:34 - 2013-09-05 22:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-05 21:34 - 2013-09-05 21:34 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-04 21:54 - 2012-08-10 16:57 - 01264272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-09-04 21:54 - 2012-07-16 15:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-09-04 21:54 - 2012-06-15 12:20 - 00433544 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-09-04 21:54 - 2012-06-15 12:20 - 00141192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-09-04 21:54 - 2012-04-10 07:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-09-04 21:51 - 2013-09-04 21:51 - 00000000 ____D C:\ProgramData\Intel.sav
2013-09-04 21:46 - 2013-09-04 21:46 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\LSC
2013-09-04 21:45 - 2013-05-29 21:41 - 00540400 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2013-09-04 21:45 - 2013-05-29 21:41 - 00460528 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2013-09-04 21:45 - 2013-05-29 21:41 - 00229616 _____ (Synaptics Incorporated) C:\Windows\system32\SET9C38.tmp
2013-09-04 21:45 - 2013-05-29 21:41 - 00178416 _____ (Synaptics Incorporated) C:\Windows\system32\SETA493.tmp
2013-09-04 21:45 - 2013-05-29 21:41 - 00114416 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2013-09-04 21:45 - 2013-05-29 21:41 - 00044784 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2013-09-04 13:02 - 2013-09-04 13:02 - 00044032 _____ C:\Users\Jirka\Documents\Kouřil - Bukovanská kaple.xls
2013-09-03 09:10 - 2013-09-03 09:15 - 280034854 _____ C:\Users\Jirka\Downloads\VODA.ZIP
2013-09-02 21:35 - 2013-09-02 21:35 - 00000488 _____ C:\Users\Jirka\Downloads\vw_rns510_ee_v9_7921_sce_rar.torrent
2013-09-01 23:36 - 2013-09-02 02:48 - 689635328 _____ C:\Users\Jirka\Downloads\FW_4020_70_20_5.ISO
2013-09-01 21:14 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-01 21:14 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-01 21:14 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-01 21:14 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-01 21:14 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-01 21:14 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-01 21:14 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-01 21:14 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-01 21:14 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-01 21:14 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-01 21:14 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-01 21:14 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-01 21:09 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-01 21:09 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-01 21:09 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-01 21:09 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-01 21:09 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-01 21:09 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-01 21:09 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-01 21:09 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-01 21:09 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-01 21:09 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-01 21:09 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-01 21:09 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-01 21:09 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-01 21:09 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-01 21:09 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-01 21:09 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-01 21:09 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-01 21:09 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-01 21:09 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-01 21:09 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-01 21:09 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-01 21:08 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-01 21:08 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-01 21:08 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-01 21:08 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-01 21:08 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-01 21:08 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-27 16:08 - 2013-08-27 16:08 - 00000000 ____D C:\Users\Jirka\Documents\Fax
2013-08-21 22:23 - 2013-08-21 23:11 - 295239224 _____ (Research In Motion Ltd. ) C:\Users\Jirka\Downloads\9900AllLang_PBr7.1.0_rel2807_PL5.1.0.692_A7.1.0.1033.exe
2013-08-21 15:34 - 2013-08-21 15:34 - 00000000 ____D C:\Windows\Offline Address Books
2013-08-19 23:34 - 2013-08-20 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-12 11:00 - 2013-08-12 11:02 - 00030208 _____ C:\Users\Jirka\Documents\Příkazský - kalkulace Kouřil Buk. kaple.xls
==================== One Month Modified Files and Folders =======
2013-09-09 12:42 - 2013-09-09 12:42 - 00000000 ____D C:\FRST
2013-09-09 12:42 - 2012-11-26 16:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Skype
2013-09-09 12:41 - 2013-09-09 12:41 - 00000000 ____D C:\Users\Jirka\AppData\Local\qb11E52864.EE
2013-09-09 12:28 - 2012-11-26 16:26 - 00000000 ____D C:\Users\Jirka\Documents\Soubory aplikace Outlook
2013-09-09 12:07 - 2012-12-22 11:31 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 11:52 - 2012-11-21 01:16 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-09 10:48 - 2012-12-14 22:18 - 00001101 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-09 10:33 - 2013-09-09 10:33 - 00047018 _____ C:\Users\Jirka\Documents\info Svoboda NTB.txt
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\rsit
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 10:23 - 2013-09-09 10:23 - 00935175 _____ C:\Users\Jirka\Downloads\RSITx64.exe
2013-09-09 08:52 - 2012-11-21 01:16 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-09 08:37 - 2012-11-21 01:16 - 01059789 _____ C:\Windows\WindowsUpdate.log
2013-09-09 08:28 - 2012-11-20 16:55 - 00000378 _____ C:\ProgramData\LastUpdate.xml
2013-09-09 08:28 - 2012-11-20 16:55 - 00000031 _____ C:\Windows\WebUpdateSvc4.INI
2013-09-08 23:29 - 2013-09-09 12:41 - 01948948 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2013-09-07 22:26 - 2012-11-26 14:27 - 00000000 ____D C:\Users\Jirka\AppData\Local\MobileAccess
2013-09-07 09:13 - 2013-03-22 08:48 - 00757484 _____ C:\QcOSD.txt
2013-09-06 01:36 - 2012-12-03 00:27 - 00000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2013-09-06 01:24 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-06 01:24 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-06 01:22 - 2012-11-21 01:03 - 00669910 _____ C:\Windows\system32\perfh005.dat
2013-09-06 01:22 - 2012-11-21 01:03 - 00141510 _____ C:\Windows\system32\perfc005.dat
2013-09-06 01:22 - 2009-07-14 07:13 - 01585998 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-06 01:18 - 2012-11-26 14:26 - 00000000 ____D C:\Users\Jirka
2013-09-06 01:18 - 2009-07-14 06:51 - 00122021 _____ C:\Windows\setupact.log
2013-09-06 01:17 - 2013-04-18 21:43 - 00000000 ____D C:\ProgramData\Intel
2013-09-06 01:17 - 2013-04-18 21:43 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-09-06 01:17 - 2012-11-26 14:26 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Intel
2013-09-06 01:17 - 2012-11-21 01:17 - 00000000 ____D C:\Program Files\Google
2013-09-06 01:17 - 2012-11-21 01:17 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-09-06 01:17 - 2012-11-21 01:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-06 01:17 - 2012-11-21 01:15 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-09-06 01:17 - 2012-11-21 01:14 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-09-06 01:17 - 2012-11-21 01:12 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-06 01:17 - 2012-11-21 01:12 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-09-06 01:17 - 2012-11-21 01:12 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-09-06 01:17 - 2012-11-21 01:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-06 01:17 - 2012-11-21 01:11 - 00000000 ____D C:\Program Files\Lenovo
2013-09-06 01:17 - 2012-11-21 01:10 - 00000000 ____D C:\Program Files\ThinkPad
2013-09-06 01:17 - 2012-11-21 01:09 - 00000000 ____D C:\Program Files\Intel
2013-09-06 01:17 - 2012-11-21 01:09 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-09-06 01:17 - 2012-11-21 01:09 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-06 01:17 - 2012-11-21 01:08 - 00000000 ____D C:\Program Files\Synaptics
2013-09-06 01:17 - 2012-11-21 00:59 - 00000000 ____D C:\ProgramData\Lenovo
2013-09-06 01:17 - 2012-11-20 17:00 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-09-06 01:17 - 2011-12-08 22:42 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-06 01:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 22:08 - 2013-09-05 21:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-05 21:34 - 2013-09-05 21:34 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-04 21:55 - 2012-11-21 01:12 - 00003041 _____ C:\RHDSetup.log
2013-09-04 21:51 - 2013-09-04 21:51 - 00000000 ____D C:\ProgramData\Intel.sav
2013-09-04 21:46 - 2013-09-04 21:46 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\LSC
2013-09-04 21:46 - 2013-03-14 16:39 - 00002982 _____ C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2013-09-04 21:46 - 2012-11-21 01:15 - 00000000 ____D C:\Windows\Downloaded Installations
2013-09-04 21:46 - 2012-11-21 01:08 - 00326358 _____ C:\Windows\DPINST.LOG
2013-09-04 21:46 - 2012-11-20 17:00 - 00001432 _____ C:\Windows\Synaptics.log
2013-09-04 21:45 - 2013-03-14 16:50 - 00000023 _____ C:\Windows\success64.log
2013-09-04 13:02 - 2013-09-04 13:02 - 00044032 _____ C:\Users\Jirka\Documents\Kouřil - Bukovanská kaple.xls
2013-09-04 00:05 - 2013-04-11 23:33 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\LTC
2013-09-03 09:15 - 2013-09-03 09:10 - 280034854 _____ C:\Users\Jirka\Downloads\VODA.ZIP
2013-09-02 23:36 - 2012-11-29 10:24 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\uTorrent
2013-09-02 21:46 - 2013-01-24 11:47 - 00000000 ____D C:\Users\Jirka\Documents\Torrent
2013-09-02 21:35 - 2013-09-02 21:35 - 00000488 _____ C:\Users\Jirka\Downloads\vw_rns510_ee_v9_7921_sce_rar.torrent
2013-09-02 02:48 - 2013-09-01 23:36 - 689635328 _____ C:\Users\Jirka\Downloads\FW_4020_70_20_5.ISO
2013-09-02 00:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-01 21:12 - 2013-07-17 09:24 - 00000000 ____D C:\Windows\system32\MRT
2013-09-01 21:09 - 2012-11-24 21:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-30 08:54 - 2012-11-24 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-27 16:08 - 2013-08-27 16:08 - 00000000 ____D C:\Users\Jirka\Documents\Fax
2013-08-25 00:42 - 2012-12-04 18:09 - 00001540 _____ C:\Users\Jirka\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-08-25 00:42 - 2012-12-04 18:09 - 00001540 _____ C:\Users\Jirka\AppData\Roaming\Rim.Desktop.Exception.log
2013-08-24 18:01 - 2012-12-19 23:48 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-08-21 23:11 - 2013-08-21 22:23 - 295239224 _____ (Research In Motion Ltd. ) C:\Users\Jirka\Downloads\9900AllLang_PBr7.1.0_rel2807_PL5.1.0.692_A7.1.0.1033.exe
2013-08-21 16:15 - 2012-11-28 15:30 - 00000000 ____D C:\Users\Jirka\Documents\Doklady
2013-08-21 15:34 - 2013-08-21 15:34 - 00000000 ____D C:\Windows\Offline Address Books
2013-08-20 22:57 - 2012-12-22 11:31 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 22:57 - 2012-11-24 18:08 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 22:57 - 2012-11-24 18:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 15:50 - 2013-08-19 23:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 10:07 - 2012-11-29 22:55 - 00000000 ____D C:\Users\Jirka\Documents\Aktualizovat
2013-08-14 10:30 - 2012-11-29 23:21 - 00000000 ____D C:\Users\Jirka\Documents\Jirka osobní
2013-08-14 08:06 - 2013-07-28 18:08 - 00000000 ____D C:\Program Files (x86)\VLC Player GPU+
2013-08-12 11:02 - 2013-08-12 11:00 - 00030208 _____ C:\Users\Jirka\Documents\Příkazský - kalkulace Kouřil Buk. kaple.xls
Files to move or delete:
====================
C:\Users\Jirka\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jirka\AppData\Local\Temp\AskSLib.dll
C:\Users\Jirka\AppData\Local\Temp\extension1379510966460972073.dll
C:\Users\Jirka\AppData\Local\Temp\extension1907732701879540002.dll
C:\Users\Jirka\AppData\Local\Temp\extension2198349919779249407.dll
C:\Users\Jirka\AppData\Local\Temp\extension2710379517118014461.dll
C:\Users\Jirka\AppData\Local\Temp\extension2744685327818515528.dll
C:\Users\Jirka\AppData\Local\Temp\extension3015124521564935367.dll
C:\Users\Jirka\AppData\Local\Temp\extension358279432347355852.dll
C:\Users\Jirka\AppData\Local\Temp\extension5133151171358972534.dll
C:\Users\Jirka\AppData\Local\Temp\extension542849834365728840.dll
C:\Users\Jirka\AppData\Local\Temp\extension5603881546932997768.dll
C:\Users\Jirka\AppData\Local\Temp\extension5722263554524785963.dll
C:\Users\Jirka\AppData\Local\Temp\extension6158804808356427954.dll
C:\Users\Jirka\AppData\Local\Temp\extension6159061135703438112.dll
C:\Users\Jirka\AppData\Local\Temp\extension6972877043615086248.dll
C:\Users\Jirka\AppData\Local\Temp\extension7478495243277973524.dll
C:\Users\Jirka\AppData\Local\Temp\extension7899638309155248939.dll
C:\Users\Jirka\AppData\Local\Temp\extension8270750590816364213.dll
C:\Users\Jirka\AppData\Local\Temp\extension8730623787905554403.dll
C:\Users\Jirka\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Jirka\AppData\Local\Temp\InitBDE.exe
C:\Users\Jirka\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jirka\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jirka\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jirka\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Jirka\AppData\Local\Temp\prefetch.exe
C:\Users\Jirka\AppData\Local\Temp\presetup.exe
C:\Users\Jirka\AppData\Local\Temp\Setup__2140_il50912.exe
C:\Users\Jirka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jirka\AppData\Local\Temp\UpdUninstall.exe
C:\Users\Jirka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Alternate Data Streams (whitelisted) ====
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
==================== Loaded Modules (whitelisted) ============
Task: {BA1DF76F-849E-4E27-BA47-D110D445CB74} - System32\Tasks\WPD\SqmUpload_S-1-5-21-891745072-4193010090-3770117065-1003 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)
2012-12-14 22:18 - 2013-09-02 16:20 - 00114528 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-11-21 01:14 - 2013-01-10 06:45 - 00094208 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2011-12-29 08:48 - 2011-12-29 08:48 - 00023616 _____ (Lenovo.) C:\Windows\system32\Sensor64.dll
2012-08-10 13:56 - 2012-08-10 13:56 - 03181464 ____R (Nero AG) C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\NeroShellExt.dll
2012-08-10 13:56 - 2012-08-10 13:56 - 00051096 ____R (Nero AG) C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\SolutionExplorer.dll
2013-01-24 09:32 - 2012-06-09 20:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2012-11-21 01:02 - 2013-05-29 21:41 - 01048816 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2013-04-24 01:22 - 2013-04-24 01:22 - 00229616 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2012-11-21 01:12 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-09-04 21:54 - 2012-07-16 15:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2011-12-29 08:48 - 2011-12-29 08:48 - 00023616 _____ (Lenovo.) C:\Windows\System32\Sensor64.dll
2012-11-21 01:13 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-31 19:22 - 2012-07-25 18:03 - 01080560 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
2012-08-31 19:22 - 2012-07-25 18:03 - 00040688 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
2012-11-20 17:00 - 2012-06-15 12:20 - 00123784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2012-08-31 19:21 - 2012-07-25 18:02 - 00020208 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\cs\pcee4c.resources.dll
2013-09-09 10:48 - 2013-09-02 16:29 - 00322400 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\outlook\TeamViewerMeetingAddIn.dll
2013-02-15 03:36 - 2013-02-15 03:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-12-14 22:18 - 2013-09-02 16:20 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
2013-01-18 17:10 - 2013-01-18 17:10 - 00270336 _____ (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll
2013-04-17 13:02 - 2013-04-17 13:02 - 00127208 _____ (Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenAppLibrary.dll
2012-04-13 12:47 - 2012-04-13 12:47 - 00040960 _____ ( ) C:\Program Files (x86)\Lenovo\MobileAccess\Interop.MbnApi.dll
2012-04-13 12:47 - 2012-04-13 12:47 - 00018944 _____ ( ) C:\Program Files (x86)\Lenovo\MobileAccess\Interop.NETWORKLIST.dll
2013-04-17 13:01 - 2013-04-17 13:01 - 00033792 _____ (Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenServiceInterface.dll
2013-01-16 13:05 - 2013-01-16 13:05 - 00037136 _____ (Data Perceptions) C:\Program Files (x86)\Lenovo\MobileAccess\wuw4.dll
2012-11-21 01:13 - 2013-02-19 21:35 - 00056832 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00612352 ____S (The cURL library, http://curl.haxx.se/) C:\Windows\inf\msehygk\libcurl.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00279955 ____S () C:\Windows\inf\msehygk\libidn-11.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\inf\msehygk\LIBEAY32.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\inf\msehygk\SSLEAY32.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00084992 ____S () C:\Windows\inf\msehygk\zlib1.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00110094 ____S (libusb.org) C:\Windows\inf\msehygk\libusb-1.0.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2013-03-06 09:09 - 2013-03-06 09:09 - 19329896 _____ (Adobe Systems Inc.) c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
2012-12-14 22:18 - 2013-09-02 16:29 - 00337760 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_cs.dll
2012-12-14 22:18 - 2013-09-02 16:29 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
Název chybujícího modulu: xul.dll, verze: 23.0.1.4974, časové razítko: 0x520bc166
Description: firefox.exe23.0.1.4974520bc252xul.dll23.0.1.4974520bc166c00000050017af0820dc01ceaa8eb8169bf8C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllf7a11875-1683-11e3-a2dd-028037ec0200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Scheduled Tasks (whitelisted) ===========
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Supplementary Scan (All) ================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcWin7Hlpr
C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH
C:\Users\Jirka\AppData\Roaming\LTC\videoplayerupdate16.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000000
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"DisableCAD"=dword:00000001
"EnableLinkedConnections"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"MSVideo8"="VfWWDM32.dll"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
==================== Drive and Memory info ===================
Drive c: (Windows7_OS) (Fixed) (Total:158.21 GB) (Free:15.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive z: () (Network) (Total:298.09 GB) (Free:291.68 GB) NTFS
Available physical RAM: 5772.73 MB
Total physical RAM: 7888.8 MB
Percentage of memory in use: 26%
LastRegBack: 2013-09-02 00:18
==================== End Of Log ==============================
Ran by Jirka (administrator) on JIRKA-THINK on 09-09-2013 12:42:59
Running from C:\Users\Jirka\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
() C:\Windows\inf\msehygk\msehygk.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [293672 2013-01-28] (Lenovo Group Limited)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [446258 2013-07-29] ()
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [] -
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-21] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: []
MountPoints2: {ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} - D:\Startme.exe
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6000936 2013-01-10] (Lenovo Group Limited)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [MobileAccess] - C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155864 2013-04-17] (Lenovo)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GPULoader] - C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [935424 2013-07-07] ()
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKU\Default\...\RunOnce: [] -
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKU\Default User\...\RunOnce: [] -
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 91.187.32.2 192.168.1.1
Tcpip\..\Interfaces\{CD871C4D-4F7C-46AA-8F93-4BC2D91CC1F1}: [NameServer]93.153.117.1 93.153.117.33
FireFox:
========
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\gz9api0t.default
FF user.js: detected! => C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\gz9api0t.default\user.js
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\
Chrome:
=======
CHR Extension: (Docs) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Shopping Suggestion) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbpjlaagejfakeobljhgplbgklgemll\1.0.0_0
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-01-10] (Lenovo.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [188200 2013-01-28] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [32480 2013-04-17] (Macheen)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [688024 2012-05-31] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-23] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-23] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-23] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-23] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 PHCORE; C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [33344 2012-03-27] (Lenovo Group Limited)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2012-04-27] (Ericsson AB)
S3 intaud_WaveExtensible; system32\drivers\intelaud.sys [x]
S3 iwdbus; system32\DRIVERS\iwdbus.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-09 12:41 - 2013-09-09 12:41 - 00000000 ____D C:\Users\Jirka\AppData\Local\qb11E52864.EE
2013-09-09 12:41 - 2013-09-08 23:29 - 01948948 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2013-09-09 10:33 - 2013-09-09 10:33 - 00047018 _____ C:\Users\Jirka\Documents\info Svoboda NTB.txt
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\rsit
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 10:23 - 2013-09-09 10:23 - 00935175 _____ C:\Users\Jirka\Downloads\RSITx64.exe
2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 21:34 - 2013-09-05 22:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-05 21:34 - 2013-09-05 21:34 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-04 21:54 - 2012-08-10 16:57 - 01264272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-09-04 21:54 - 2012-07-16 15:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-09-04 21:54 - 2012-06-15 12:20 - 00433544 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-09-04 21:54 - 2012-06-15 12:20 - 00141192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-09-04 21:54 - 2012-04-10 07:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-09-04 21:51 - 2013-09-04 21:51 - 00000000 ____D C:\ProgramData\Intel.sav
2013-09-04 21:46 - 2013-09-04 21:46 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\LSC
2013-09-04 21:45 - 2013-05-29 21:41 - 00540400 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2013-09-04 21:45 - 2013-05-29 21:41 - 00460528 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2013-09-04 21:45 - 2013-05-29 21:41 - 00229616 _____ (Synaptics Incorporated) C:\Windows\system32\SET9C38.tmp
2013-09-04 21:45 - 2013-05-29 21:41 - 00178416 _____ (Synaptics Incorporated) C:\Windows\system32\SETA493.tmp
2013-09-04 21:45 - 2013-05-29 21:41 - 00114416 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2013-09-04 21:45 - 2013-05-29 21:41 - 00044784 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2013-09-04 13:02 - 2013-09-04 13:02 - 00044032 _____ C:\Users\Jirka\Documents\Kouřil - Bukovanská kaple.xls
2013-09-03 09:10 - 2013-09-03 09:15 - 280034854 _____ C:\Users\Jirka\Downloads\VODA.ZIP
2013-09-02 21:35 - 2013-09-02 21:35 - 00000488 _____ C:\Users\Jirka\Downloads\vw_rns510_ee_v9_7921_sce_rar.torrent
2013-09-01 23:36 - 2013-09-02 02:48 - 689635328 _____ C:\Users\Jirka\Downloads\FW_4020_70_20_5.ISO
2013-09-01 21:14 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-01 21:14 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-01 21:14 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-01 21:14 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-01 21:14 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-01 21:14 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-01 21:14 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-01 21:14 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-01 21:14 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-01 21:14 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-01 21:14 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-01 21:14 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-01 21:14 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-01 21:14 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-01 21:09 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-01 21:09 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-01 21:09 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-01 21:09 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-01 21:09 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-01 21:09 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-01 21:09 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-01 21:09 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-01 21:09 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-01 21:09 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-01 21:09 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-01 21:09 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-01 21:09 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-01 21:09 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-01 21:09 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-01 21:09 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-01 21:09 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-01 21:09 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-01 21:09 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-01 21:09 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-01 21:09 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-01 21:08 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-01 21:08 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-01 21:08 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-01 21:08 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-01 21:08 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-01 21:08 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-27 16:08 - 2013-08-27 16:08 - 00000000 ____D C:\Users\Jirka\Documents\Fax
2013-08-21 22:23 - 2013-08-21 23:11 - 295239224 _____ (Research In Motion Ltd. ) C:\Users\Jirka\Downloads\9900AllLang_PBr7.1.0_rel2807_PL5.1.0.692_A7.1.0.1033.exe
2013-08-21 15:34 - 2013-08-21 15:34 - 00000000 ____D C:\Windows\Offline Address Books
2013-08-19 23:34 - 2013-08-20 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-12 11:00 - 2013-08-12 11:02 - 00030208 _____ C:\Users\Jirka\Documents\Příkazský - kalkulace Kouřil Buk. kaple.xls
==================== One Month Modified Files and Folders =======
2013-09-09 12:42 - 2013-09-09 12:42 - 00000000 ____D C:\FRST
2013-09-09 12:42 - 2012-11-26 16:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Skype
2013-09-09 12:41 - 2013-09-09 12:41 - 00000000 ____D C:\Users\Jirka\AppData\Local\qb11E52864.EE
2013-09-09 12:28 - 2012-11-26 16:26 - 00000000 ____D C:\Users\Jirka\Documents\Soubory aplikace Outlook
2013-09-09 12:07 - 2012-12-22 11:31 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 11:52 - 2012-11-21 01:16 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-09 10:48 - 2012-12-14 22:18 - 00001101 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-09 10:33 - 2013-09-09 10:33 - 00047018 _____ C:\Users\Jirka\Documents\info Svoboda NTB.txt
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\rsit
2013-09-09 10:26 - 2013-09-09 10:26 - 00000000 ____D C:\Program Files\trend micro
2013-09-09 10:23 - 2013-09-09 10:23 - 00935175 _____ C:\Users\Jirka\Downloads\RSITx64.exe
2013-09-09 08:52 - 2012-11-21 01:16 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-09 08:37 - 2012-11-21 01:16 - 01059789 _____ C:\Windows\WindowsUpdate.log
2013-09-09 08:28 - 2012-11-20 16:55 - 00000378 _____ C:\ProgramData\LastUpdate.xml
2013-09-09 08:28 - 2012-11-20 16:55 - 00000031 _____ C:\Windows\WebUpdateSvc4.INI
2013-09-08 23:29 - 2013-09-09 12:41 - 01948948 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2013-09-07 22:26 - 2012-11-26 14:27 - 00000000 ____D C:\Users\Jirka\AppData\Local\MobileAccess
2013-09-07 09:13 - 2013-03-22 08:48 - 00757484 _____ C:\QcOSD.txt
2013-09-06 01:36 - 2012-12-03 00:27 - 00000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2013-09-06 01:24 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-06 01:24 - 2009-07-14 06:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-06 01:22 - 2012-11-21 01:03 - 00669910 _____ C:\Windows\system32\perfh005.dat
2013-09-06 01:22 - 2012-11-21 01:03 - 00141510 _____ C:\Windows\system32\perfc005.dat
2013-09-06 01:22 - 2009-07-14 07:13 - 01585998 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-06 01:18 - 2012-11-26 14:26 - 00000000 ____D C:\Users\Jirka
2013-09-06 01:18 - 2009-07-14 06:51 - 00122021 _____ C:\Windows\setupact.log
2013-09-06 01:17 - 2013-04-18 21:43 - 00000000 ____D C:\ProgramData\Intel
2013-09-06 01:17 - 2013-04-18 21:43 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-09-06 01:17 - 2012-11-26 14:26 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Intel
2013-09-06 01:17 - 2012-11-21 01:17 - 00000000 ____D C:\Program Files\Google
2013-09-06 01:17 - 2012-11-21 01:17 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-09-06 01:17 - 2012-11-21 01:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-06 01:17 - 2012-11-21 01:15 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-09-06 01:17 - 2012-11-21 01:14 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-09-06 01:17 - 2012-11-21 01:12 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-06 01:17 - 2012-11-21 01:12 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-09-06 01:17 - 2012-11-21 01:12 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-09-06 01:17 - 2012-11-21 01:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-06 01:17 - 2012-11-21 01:11 - 00000000 ____D C:\Program Files\Lenovo
2013-09-06 01:17 - 2012-11-21 01:10 - 00000000 ____D C:\Program Files\ThinkPad
2013-09-06 01:17 - 2012-11-21 01:09 - 00000000 ____D C:\Program Files\Intel
2013-09-06 01:17 - 2012-11-21 01:09 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-09-06 01:17 - 2012-11-21 01:09 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-06 01:17 - 2012-11-21 01:08 - 00000000 ____D C:\Program Files\Synaptics
2013-09-06 01:17 - 2012-11-21 00:59 - 00000000 ____D C:\ProgramData\Lenovo
2013-09-06 01:17 - 2012-11-20 17:00 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-09-06 01:17 - 2011-12-08 22:42 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-06 01:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2013-09-06 01:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 22:08 - 2013-09-05 21:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-05 21:34 - 2013-09-05 21:34 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-04 21:55 - 2012-11-21 01:12 - 00003041 _____ C:\RHDSetup.log
2013-09-04 21:51 - 2013-09-04 21:51 - 00000000 ____D C:\ProgramData\Intel.sav
2013-09-04 21:46 - 2013-09-04 21:46 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\LSC
2013-09-04 21:46 - 2013-03-14 16:39 - 00002982 _____ C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2013-09-04 21:46 - 2012-11-21 01:15 - 00000000 ____D C:\Windows\Downloaded Installations
2013-09-04 21:46 - 2012-11-21 01:08 - 00326358 _____ C:\Windows\DPINST.LOG
2013-09-04 21:46 - 2012-11-20 17:00 - 00001432 _____ C:\Windows\Synaptics.log
2013-09-04 21:45 - 2013-03-14 16:50 - 00000023 _____ C:\Windows\success64.log
2013-09-04 13:02 - 2013-09-04 13:02 - 00044032 _____ C:\Users\Jirka\Documents\Kouřil - Bukovanská kaple.xls
2013-09-04 00:05 - 2013-04-11 23:33 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\LTC
2013-09-03 09:15 - 2013-09-03 09:10 - 280034854 _____ C:\Users\Jirka\Downloads\VODA.ZIP
2013-09-02 23:36 - 2012-11-29 10:24 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\uTorrent
2013-09-02 21:46 - 2013-01-24 11:47 - 00000000 ____D C:\Users\Jirka\Documents\Torrent
2013-09-02 21:35 - 2013-09-02 21:35 - 00000488 _____ C:\Users\Jirka\Downloads\vw_rns510_ee_v9_7921_sce_rar.torrent
2013-09-02 02:48 - 2013-09-01 23:36 - 689635328 _____ C:\Users\Jirka\Downloads\FW_4020_70_20_5.ISO
2013-09-02 00:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-01 21:12 - 2013-07-17 09:24 - 00000000 ____D C:\Windows\system32\MRT
2013-09-01 21:09 - 2012-11-24 21:53 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-30 08:54 - 2012-11-24 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-27 16:08 - 2013-08-27 16:08 - 00000000 ____D C:\Users\Jirka\Documents\Fax
2013-08-25 00:42 - 2012-12-04 18:09 - 00001540 _____ C:\Users\Jirka\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-08-25 00:42 - 2012-12-04 18:09 - 00001540 _____ C:\Users\Jirka\AppData\Roaming\Rim.Desktop.Exception.log
2013-08-24 18:01 - 2012-12-19 23:48 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-08-21 23:11 - 2013-08-21 22:23 - 295239224 _____ (Research In Motion Ltd. ) C:\Users\Jirka\Downloads\9900AllLang_PBr7.1.0_rel2807_PL5.1.0.692_A7.1.0.1033.exe
2013-08-21 16:15 - 2012-11-28 15:30 - 00000000 ____D C:\Users\Jirka\Documents\Doklady
2013-08-21 15:34 - 2013-08-21 15:34 - 00000000 ____D C:\Windows\Offline Address Books
2013-08-20 22:57 - 2012-12-22 11:31 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 22:57 - 2012-11-24 18:08 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 22:57 - 2012-11-24 18:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 15:50 - 2013-08-19 23:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-19 10:07 - 2012-11-29 22:55 - 00000000 ____D C:\Users\Jirka\Documents\Aktualizovat
2013-08-14 10:30 - 2012-11-29 23:21 - 00000000 ____D C:\Users\Jirka\Documents\Jirka osobní
2013-08-14 08:06 - 2013-07-28 18:08 - 00000000 ____D C:\Program Files (x86)\VLC Player GPU+
2013-08-12 11:02 - 2013-08-12 11:00 - 00030208 _____ C:\Users\Jirka\Documents\Příkazský - kalkulace Kouřil Buk. kaple.xls
Files to move or delete:
====================
C:\Users\Jirka\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jirka\AppData\Local\Temp\AskSLib.dll
C:\Users\Jirka\AppData\Local\Temp\extension1379510966460972073.dll
C:\Users\Jirka\AppData\Local\Temp\extension1907732701879540002.dll
C:\Users\Jirka\AppData\Local\Temp\extension2198349919779249407.dll
C:\Users\Jirka\AppData\Local\Temp\extension2710379517118014461.dll
C:\Users\Jirka\AppData\Local\Temp\extension2744685327818515528.dll
C:\Users\Jirka\AppData\Local\Temp\extension3015124521564935367.dll
C:\Users\Jirka\AppData\Local\Temp\extension358279432347355852.dll
C:\Users\Jirka\AppData\Local\Temp\extension5133151171358972534.dll
C:\Users\Jirka\AppData\Local\Temp\extension542849834365728840.dll
C:\Users\Jirka\AppData\Local\Temp\extension5603881546932997768.dll
C:\Users\Jirka\AppData\Local\Temp\extension5722263554524785963.dll
C:\Users\Jirka\AppData\Local\Temp\extension6158804808356427954.dll
C:\Users\Jirka\AppData\Local\Temp\extension6159061135703438112.dll
C:\Users\Jirka\AppData\Local\Temp\extension6972877043615086248.dll
C:\Users\Jirka\AppData\Local\Temp\extension7478495243277973524.dll
C:\Users\Jirka\AppData\Local\Temp\extension7899638309155248939.dll
C:\Users\Jirka\AppData\Local\Temp\extension8270750590816364213.dll
C:\Users\Jirka\AppData\Local\Temp\extension8730623787905554403.dll
C:\Users\Jirka\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Jirka\AppData\Local\Temp\InitBDE.exe
C:\Users\Jirka\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jirka\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jirka\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jirka\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Jirka\AppData\Local\Temp\prefetch.exe
C:\Users\Jirka\AppData\Local\Temp\presetup.exe
C:\Users\Jirka\AppData\Local\Temp\Setup__2140_il50912.exe
C:\Users\Jirka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jirka\AppData\Local\Temp\UpdUninstall.exe
C:\Users\Jirka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Alternate Data Streams (whitelisted) ====
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
==================== Loaded Modules (whitelisted) ============
Task: {BA1DF76F-849E-4E27-BA47-D110D445CB74} - System32\Tasks\WPD\SqmUpload_S-1-5-21-891745072-4193010090-3770117065-1003 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)
2012-12-14 22:18 - 2013-09-02 16:20 - 00114528 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.dll
2012-05-14 19:39 - 2012-05-14 19:39 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-11-21 01:14 - 2013-01-10 06:45 - 00094208 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2011-12-29 08:48 - 2011-12-29 08:48 - 00023616 _____ (Lenovo.) C:\Windows\system32\Sensor64.dll
2012-08-10 13:56 - 2012-08-10 13:56 - 03181464 ____R (Nero AG) C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\NeroShellExt.dll
2012-08-10 13:56 - 2012-08-10 13:56 - 00051096 ____R (Nero AG) C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\SolutionExplorer.dll
2013-01-24 09:32 - 2012-06-09 20:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2012-11-21 01:02 - 2013-05-29 21:41 - 01048816 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2013-04-24 01:22 - 2013-04-24 01:22 - 00229616 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2012-11-21 01:12 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-09-04 21:54 - 2012-07-16 15:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2011-12-29 08:48 - 2011-12-29 08:48 - 00023616 _____ (Lenovo.) C:\Windows\System32\Sensor64.dll
2012-11-21 01:13 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-31 19:22 - 2012-07-25 18:03 - 01080560 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
2012-08-31 19:22 - 2012-07-25 18:03 - 00040688 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
2012-11-20 17:00 - 2012-06-15 12:20 - 00123784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2012-08-31 19:21 - 2012-07-25 18:02 - 00020208 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\cs\pcee4c.resources.dll
2013-09-09 10:48 - 2013-09-02 16:29 - 00322400 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\outlook\TeamViewerMeetingAddIn.dll
2013-02-15 03:36 - 2013-02-15 03:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-12-14 22:18 - 2013-09-02 16:20 - 00095584 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.dll
2013-01-18 17:10 - 2013-01-18 17:10 - 00270336 _____ (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll
2013-04-17 13:02 - 2013-04-17 13:02 - 00127208 _____ (Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenAppLibrary.dll
2012-04-13 12:47 - 2012-04-13 12:47 - 00040960 _____ ( ) C:\Program Files (x86)\Lenovo\MobileAccess\Interop.MbnApi.dll
2012-04-13 12:47 - 2012-04-13 12:47 - 00018944 _____ ( ) C:\Program Files (x86)\Lenovo\MobileAccess\Interop.NETWORKLIST.dll
2013-04-17 13:01 - 2013-04-17 13:01 - 00033792 _____ (Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenServiceInterface.dll
2013-01-16 13:05 - 2013-01-16 13:05 - 00037136 _____ (Data Perceptions) C:\Program Files (x86)\Lenovo\MobileAccess\wuw4.dll
2012-11-21 01:13 - 2013-02-19 21:35 - 00056832 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00612352 ____S (The cURL library, http://curl.haxx.se/) C:\Windows\inf\msehygk\libcurl.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00279955 ____S () C:\Windows\inf\msehygk\libidn-11.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\inf\msehygk\LIBEAY32.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\inf\msehygk\SSLEAY32.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00084992 ____S () C:\Windows\inf\msehygk\zlib1.dll
2013-07-28 20:31 - 2013-06-07 13:45 - 00110094 ____S (libusb.org) C:\Windows\inf\msehygk\libusb-1.0.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2013-03-06 09:09 - 2013-03-06 09:09 - 19329896 _____ (Adobe Systems Inc.) c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
2012-12-14 22:18 - 2013-09-02 16:29 - 00337760 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Resource_cs.dll
2012-12-14 22:18 - 2013-09-02 16:29 - 03031904 _____ (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_StaticRes.dll
Název chybujícího modulu: xul.dll, verze: 23.0.1.4974, časové razítko: 0x520bc166
Description: firefox.exe23.0.1.4974520bc252xul.dll23.0.1.4974520bc166c00000050017af0820dc01ceaa8eb8169bf8C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllf7a11875-1683-11e3-a2dd-028037ec0200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Scheduled Tasks (whitelisted) ===========
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Supplementary Scan (All) ================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcWin7Hlpr
C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH
C:\Users\Jirka\AppData\Roaming\LTC\videoplayerupdate16.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000000
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"DisableCAD"=dword:00000001
"EnableLinkedConnections"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"MSVideo8"="VfWWDM32.dll"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
==================== Drive and Memory info ===================
Drive c: (Windows7_OS) (Fixed) (Total:158.21 GB) (Free:15.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive z: () (Network) (Total:298.09 GB) (Free:291.68 GB) NTFS
Available physical RAM: 5772.73 MB
Total physical RAM: 7888.8 MB
Percentage of memory in use: 26%
LastRegBack: 2013-09-02 00:18
==================== End Of Log ==============================
Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Co udelame s temi nelegalnimi Office?? Nase forum nepodporuje piratsky SW a tim pachani trestneho cinu 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Více než důrazně mu doporučím ať nainstaluje openoffice, na ten jeho "word" jednou za rok to ani nepozná, takže mu to odinstaluju zrovna.
Omluva, tohle jsem nějak neřešil jestli tam má legal verzi balíčku.
OS bude ok, na ntb je nálepka se sériákem ...
Omluva, tohle jsem nějak neřešil jestli tam má legal verzi balíčku.
OS bude ok, na ntb je nálepka se sériákem ...
Re: Prosím o kontrolu logu po navrácení k bodu obnovení
OK, takze pekne nelegalni Office do pryc a vzhuru do free reseniho Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [446258 2013-07-29] () HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [] - HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-21] (Google Inc.) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Policies\Explorer: [] MountPoints2: {ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} - D:\Startme.exe HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [GPULoader] - C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [935424 2013-07-07] () HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] () HKU\Default\...\RunOnce: [] - HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] () HKU\Default User\...\RunOnce: [] - HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] () HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENP HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f 2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET 2013-09-05 21:34 - 2013-09-05 22:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy C:\Windows\AutoKMS.exe Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-09-2013
Ran by Jirka at 2013-09-09 22:37:28 Run:1
Running from C:\Users\Jirka\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [446258 2013-07-29] ()
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [] -
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-21] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: []
MountPoints2: {ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} - D:\Startme.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GPULoader] - C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [935424 2013-07-07] ()
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKU\Default\...\RunOnce: [] -
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKU\Default User\...\RunOnce: [] -
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f
2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 21:34 - 2013-09-05 22:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
C:\Windows\AutoKMS.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktop => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktopChanges => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU\...\Run: [] - => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HKCU\...\Policies\Explorer: [] => Value not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} => Key deleted successfully.
HKCR\CLSID\{ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GPULoader => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\Default\...\RunOnce: [] - => Value not found.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Lenovoautoqdrive => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\Default User\...\RunOnce: [] - => Value not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Lenovoautoqdrive => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\ProgramData\TEMP => ":A1EDB939" ADS removed successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Program Files (x86)\ESET => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"C:\Windows\AutoKMS.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by Jirka at 2013-09-09 22:37:28 Run:1
Running from C:\Users\Jirka\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [446258 2013-07-29] ()
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [] -
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-21] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: []
MountPoints2: {ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} - D:\Startme.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GPULoader] - C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [935424 2013-07-07] ()
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKU\Default\...\RunOnce: [] -
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKU\Default User\...\RunOnce: [] -
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f
2013-09-05 22:10 - 2013-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 21:34 - 2013-09-05 22:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
C:\Windows\AutoKMS.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktop => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktopChanges => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU\...\Run: [] - => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HKCU\...\Policies\Explorer: [] => Value not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} => Key deleted successfully.
HKCR\CLSID\{ef99fa23-4f5b-11e2-aa11-9cb70dd0ed67} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GPULoader => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\Default\...\RunOnce: [] - => Value not found.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Lenovoautoqdrive => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\Default User\...\RunOnce: [] - => Value not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Lenovoautoqdrive => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\ProgramData\TEMP => ":A1EDB939" ADS removed successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aqyGpTmzBgH" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Program Files (x86)\ESET => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"C:\Windows\AutoKMS.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Supr čupr, šlape to zatím jako hodinky, takže díky za pomoc a projítí!!
Re: Prosím o kontrolu logu po navrácení k bodu obnovení
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?