Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Spomalený nábeh systému

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Spomalený nábeh systému

#1 Příspěvek od gromo »

Dobrý deň,

už nejaký čas pozorujem spomalený nábeh systému. Kontrola Eset Online Scanerom ani MSE nič nenašla, takže to bude asi nejaká iná háveď. Prikladám log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2013-11-05 08:07:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 177 GB (74%) free of 238 GB
Total RAM: 4091 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:07:50, on 5. 11. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.wisesearch.info/?pid=7 ... K&unqvl=39
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0034362 - {11111111-1111-1111-1111-110311431162} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Uzivatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9527 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3930816
\??\C:\Windows\system32\conhost.exe "1939260940-11366033142062475686-1897764971-187130672-4591595021218923006-1497074808
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2012
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Uzivatel\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {C2E76E6F-7967-46A6-91CB-3B4243BE5497}
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 00817195-4827-527D-33A8-D9F8D677AAEF -Reinvoke
"C:\Users\Uzivatel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "keyword.URL" - "http://websearch.wisesearch.info/?pid=7 ... =39&l=1&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml

C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default\searchplugins\
babylon1.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}]
HDvid Codec V1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}]
HDvid Codec V1

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2010-04-15 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
Complitly

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 642728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2013-11-05 08:03:26 ----D---- C:\rsit
2013-11-05 08:03:26 ----D---- C:\Program Files\trend micro
2013-10-29 18:03:08 ----D---- C:\Users\Uzivatel\AppData\Roaming\EZDownloader
2013-10-29 18:02:46 ----D---- C:\ProgramData\SearchNewTab
2013-10-29 18:02:45 ----D---- C:\ProgramData\WinterSoft
2013-10-29 18:00:52 ----D---- C:\ProgramData\DOwnolooadd kaeeper
2013-10-29 18:00:52 ----D---- C:\ProgramData\34d35070391cfe90
2013-10-29 18:00:11 ----D---- C:\ProgramData\InstallMate
2013-10-23 20:04:35 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2013-10-10 16:24:51 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 16:24:51 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 16:24:48 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-10-10 16:24:48 ----A---- C:\Windows\system32\d3d11.dll
2013-10-10 16:24:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 16:24:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-10 16:24:12 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 16:24:11 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-10 16:24:11 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 16:24:11 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-10 16:24:11 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 16:24:11 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 16:24:10 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-10 16:24:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 16:24:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 16:24:09 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-10 16:24:09 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 16:24:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 16:24:09 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 16:24:08 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 16:24:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 16:23:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 16:23:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 16:23:57 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 16:23:57 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 16:23:56 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 16:23:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 16:23:56 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 16:23:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 16:23:55 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 16:23:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 16:23:18 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 16:23:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 16:23:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 16:23:16 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-08 13:45:37 ----A---- C:\Users\Uzivatel\AppData\Roaming\regsvr32.exe_log.txt
2013-10-08 13:45:37 ----A---- C:\Users\Uzivatel\AppData\Roaming\LiveSupport.exe_log.txt
2013-10-08 13:44:11 ----D---- C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-08 12:29:40 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-02 22:23:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-14 11:02:51 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-14 11:02:46 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-14 11:02:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-14 11:02:46 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-14 11:02:46 ----A---- C:\Windows\system32\kernel32.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-14 11:02:45 ----A---- C:\Windows\system32\winsrv.dll
2013-09-14 11:02:45 ----A---- C:\Windows\system32\smss.exe
2013-09-14 11:02:45 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-14 11:02:45 ----A---- C:\Windows\system32\conhost.exe
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-14 11:02:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-14 11:02:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-14 11:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-14 11:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-14 11:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-14 11:02:39 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-14 11:02:39 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-14 11:02:33 ----A---- C:\Windows\system32\shell32.dll
2013-09-14 11:02:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-14 11:02:31 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-14 11:02:31 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-09 14:53:42 ----D---- C:\ProgramData\Adobe
2013-09-04 15:56:09 ----D---- C:\ProgramData\Toshiba
2013-08-31 20:36:57 ----D---- C:\Users\Uzivatel\AppData\Roaming\OfficeRecovery
2013-08-31 20:25:22 ----D---- C:\Windows\system32\MRT
2013-08-31 20:05:29 ----D---- C:\ProgramData\Microsoft Help
2013-08-31 15:11:30 ----A---- C:\Windows\system32\crypt32.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-31 15:11:28 ----A---- C:\Windows\system32\wintrust.dll
2013-08-31 15:11:28 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-31 15:11:28 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-31 15:11:15 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-31 15:11:15 ----A---- C:\Windows\system32\tzres.dll
2013-08-31 15:11:12 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-31 15:11:12 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-31 15:11:11 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-31 15:11:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-31 15:11:08 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-31 14:03:53 ----D---- C:\ProgramData\Mozilla
2013-08-30 21:02:05 ----D---- C:\ProgramData\TOSHIBA Tempro
2013-08-30 21:02:05 ----D---- C:\ProgramData\IsolatedStorage
2013-08-30 11:53:39 ----D---- C:\ProgramData\TuneUp Software

======List of files/folders modified in the last 3 months======

2013-11-05 08:04:15 ----D---- C:\Windows\tracing
2013-11-05 08:03:26 ----RD---- C:\Program Files
2013-11-05 08:03:03 ----D---- C:\Windows\temp
2013-11-05 08:01:51 ----D---- C:\Windows\System32
2013-11-05 08:01:51 ----D---- C:\Windows\inf
2013-11-05 08:01:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-05 08:01:01 ----D---- C:\Windows\system32\config
2013-11-05 07:55:56 ----SHD---- C:\Config.Msi
2013-11-05 00:03:54 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2013-11-04 21:14:06 ----SHD---- C:\Windows\Installer
2013-11-04 21:13:59 ----SHD---- C:\System Volume Information
2013-11-04 21:13:57 ----RD---- C:\Program Files (x86)
2013-11-04 21:13:43 ----D---- C:\Windows\SysWOW64
2013-11-04 20:57:39 ----D---- C:\Windows
2013-11-02 22:23:47 ----D---- C:\Windows\SoftwareDistribution
2013-11-02 20:54:03 ----D---- C:\Program Files (x86)\Windows Live
2013-10-30 13:48:18 ----D---- C:\Program Files (x86)\Common Files
2013-10-29 22:16:46 ----D---- C:\Windows\Prefetch
2013-10-29 18:29:46 ----D---- C:\Windows\system32\Tasks
2013-10-29 18:02:46 ----D---- C:\ProgramData
2013-10-29 17:13:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-29 14:56:09 ----D---- C:\Windows\Tasks
2013-10-29 08:40:49 ----D---- C:\Windows\Minidump
2013-10-28 21:39:09 ----D---- C:\Windows\system32\catroot2
2013-10-28 18:23:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\BitTorrent
2013-10-23 16:03:59 ----RSD---- C:\Windows\assembly
2013-10-16 01:53:14 ----D---- C:\Windows\system32\drivers
2013-10-16 01:53:14 ----D---- C:\Windows\system32\catroot
2013-10-16 01:53:13 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-10-16 01:53:12 ----D---- C:\Program Files\Microsoft Security Client
2013-10-14 21:56:42 ----D---- C:\Windows\rescache
2013-10-14 18:30:39 ----D---- C:\Windows\Microsoft.NET
2013-10-14 07:33:19 ----D---- C:\Windows\winsxs
2013-10-14 07:32:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-14 07:31:05 ----D---- C:\Windows\system32\DriverStore
2013-10-14 07:31:05 ----D---- C:\Windows\AppPatch
2013-10-14 07:17:01 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-14 07:05:24 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 23:59:12 ----D---- C:\Windows\system32\en-US
2013-10-10 19:06:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-03 05:48:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 15:15:14 ----D---- C:\Windows\system32\NDF
2013-09-15 15:24:28 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-09-15 15:24:28 ----D---- C:\Windows\system32\sk-SK
2013-08-31 20:01:37 ----D---- C:\Windows\system32\wfp
2013-08-31 20:01:33 ----D---- C:\Windows\system32\wbem
2013-08-31 20:00:57 ----D---- C:\Windows\AppCompat
2013-08-31 20:00:53 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2000-01-01 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2000-01-01 42624]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2000-01-01 16552]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-21 564824]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files (x86)\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-16 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-16 43680]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2000-01-01 6660608]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2000-01-01 195584]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2000-01-01 96896]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-07 3058168]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 103536]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2000-01-01 56448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2000-01-01 6660608]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 42184]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2000-01-01 202752]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 361984]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-02 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------



edit: nevšimol som si doplnenú ulitku FRST, takže log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2013-11-05 08:07:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 177 GB (74%) free of 238 GB
Total RAM: 4091 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:07:50, on 5. 11. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.wisesearch.info/?pid=7 ... K&unqvl=39
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0034362 - {11111111-1111-1111-1111-110311431162} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Uzivatel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9527 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3930816
\??\C:\Windows\system32\conhost.exe "1939260940-11366033142062475686-1897764971-187130672-4591595021218923006-1497074808
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2012
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Uzivatel\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {C2E76E6F-7967-46A6-91CB-3B4243BE5497}
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 00817195-4827-527D-33A8-D9F8D677AAEF -Reinvoke
"C:\Users\Uzivatel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "keyword.URL" - "http://websearch.wisesearch.info/?pid=7 ... =39&l=1&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml

C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default\searchplugins\
babylon1.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}]
HDvid Codec V1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}]
HDvid Codec V1

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2010-04-15 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
Complitly

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 642728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2013-11-05 08:03:26 ----D---- C:\rsit
2013-11-05 08:03:26 ----D---- C:\Program Files\trend micro
2013-10-29 18:03:08 ----D---- C:\Users\Uzivatel\AppData\Roaming\EZDownloader
2013-10-29 18:02:46 ----D---- C:\ProgramData\SearchNewTab
2013-10-29 18:02:45 ----D---- C:\ProgramData\WinterSoft
2013-10-29 18:00:52 ----D---- C:\ProgramData\DOwnolooadd kaeeper
2013-10-29 18:00:52 ----D---- C:\ProgramData\34d35070391cfe90
2013-10-29 18:00:11 ----D---- C:\ProgramData\InstallMate
2013-10-23 20:04:35 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2013-10-10 16:24:51 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 16:24:51 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 16:24:49 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 16:24:49 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 16:24:48 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-10-10 16:24:48 ----A---- C:\Windows\system32\d3d11.dll
2013-10-10 16:24:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 16:24:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-10 16:24:12 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 16:24:11 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-10 16:24:11 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 16:24:11 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-10 16:24:11 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 16:24:11 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 16:24:10 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-10 16:24:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 16:24:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 16:24:09 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-10 16:24:09 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 16:24:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 16:24:09 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 16:24:08 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 16:24:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 16:23:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 16:23:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 16:23:57 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 16:23:57 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 16:23:56 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 16:23:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 16:23:56 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 16:23:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 16:23:55 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 16:23:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 16:23:53 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 16:23:18 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 16:23:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 16:23:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 16:23:16 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-08 13:45:37 ----A---- C:\Users\Uzivatel\AppData\Roaming\regsvr32.exe_log.txt
2013-10-08 13:45:37 ----A---- C:\Users\Uzivatel\AppData\Roaming\LiveSupport.exe_log.txt
2013-10-08 13:44:11 ----D---- C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-08 12:29:40 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-10-02 22:23:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-14 11:02:51 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-14 11:02:46 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-14 11:02:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-14 11:02:46 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-14 11:02:46 ----A---- C:\Windows\system32\kernel32.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-14 11:02:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-14 11:02:45 ----A---- C:\Windows\system32\winsrv.dll
2013-09-14 11:02:45 ----A---- C:\Windows\system32\smss.exe
2013-09-14 11:02:45 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-14 11:02:45 ----A---- C:\Windows\system32\conhost.exe
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-14 11:02:44 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-14 11:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-14 11:02:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-14 11:02:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-14 11:02:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-14 11:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-14 11:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-14 11:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-14 11:02:39 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-14 11:02:39 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-14 11:02:33 ----A---- C:\Windows\system32\shell32.dll
2013-09-14 11:02:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-14 11:02:31 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-14 11:02:31 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-09 14:53:42 ----D---- C:\ProgramData\Adobe
2013-09-04 15:56:09 ----D---- C:\ProgramData\Toshiba
2013-08-31 20:36:57 ----D---- C:\Users\Uzivatel\AppData\Roaming\OfficeRecovery
2013-08-31 20:25:22 ----D---- C:\Windows\system32\MRT
2013-08-31 20:05:29 ----D---- C:\ProgramData\Microsoft Help
2013-08-31 15:11:30 ----A---- C:\Windows\system32\crypt32.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-31 15:11:28 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-31 15:11:28 ----A---- C:\Windows\system32\wintrust.dll
2013-08-31 15:11:28 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-31 15:11:28 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-31 15:11:15 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-31 15:11:15 ----A---- C:\Windows\system32\tzres.dll
2013-08-31 15:11:12 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-31 15:11:12 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-31 15:11:11 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-31 15:11:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-31 15:11:08 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-31 14:03:53 ----D---- C:\ProgramData\Mozilla
2013-08-30 21:02:05 ----D---- C:\ProgramData\TOSHIBA Tempro
2013-08-30 21:02:05 ----D---- C:\ProgramData\IsolatedStorage
2013-08-30 11:53:39 ----D---- C:\ProgramData\TuneUp Software

======List of files/folders modified in the last 3 months======

2013-11-05 08:04:15 ----D---- C:\Windows\tracing
2013-11-05 08:03:26 ----RD---- C:\Program Files
2013-11-05 08:03:03 ----D---- C:\Windows\temp
2013-11-05 08:01:51 ----D---- C:\Windows\System32
2013-11-05 08:01:51 ----D---- C:\Windows\inf
2013-11-05 08:01:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-05 08:01:01 ----D---- C:\Windows\system32\config
2013-11-05 07:55:56 ----SHD---- C:\Config.Msi
2013-11-05 00:03:54 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2013-11-04 21:14:06 ----SHD---- C:\Windows\Installer
2013-11-04 21:13:59 ----SHD---- C:\System Volume Information
2013-11-04 21:13:57 ----RD---- C:\Program Files (x86)
2013-11-04 21:13:43 ----D---- C:\Windows\SysWOW64
2013-11-04 20:57:39 ----D---- C:\Windows
2013-11-02 22:23:47 ----D---- C:\Windows\SoftwareDistribution
2013-11-02 20:54:03 ----D---- C:\Program Files (x86)\Windows Live
2013-10-30 13:48:18 ----D---- C:\Program Files (x86)\Common Files
2013-10-29 22:16:46 ----D---- C:\Windows\Prefetch
2013-10-29 18:29:46 ----D---- C:\Windows\system32\Tasks
2013-10-29 18:02:46 ----D---- C:\ProgramData
2013-10-29 17:13:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-29 14:56:09 ----D---- C:\Windows\Tasks
2013-10-29 08:40:49 ----D---- C:\Windows\Minidump
2013-10-28 21:39:09 ----D---- C:\Windows\system32\catroot2
2013-10-28 18:23:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\BitTorrent
2013-10-23 16:03:59 ----RSD---- C:\Windows\assembly
2013-10-16 01:53:14 ----D---- C:\Windows\system32\drivers
2013-10-16 01:53:14 ----D---- C:\Windows\system32\catroot
2013-10-16 01:53:13 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-10-16 01:53:12 ----D---- C:\Program Files\Microsoft Security Client
2013-10-14 21:56:42 ----D---- C:\Windows\rescache
2013-10-14 18:30:39 ----D---- C:\Windows\Microsoft.NET
2013-10-14 07:33:19 ----D---- C:\Windows\winsxs
2013-10-14 07:32:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-14 07:31:05 ----D---- C:\Windows\system32\DriverStore
2013-10-14 07:31:05 ----D---- C:\Windows\AppPatch
2013-10-14 07:17:01 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-14 07:05:24 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 23:59:12 ----D---- C:\Windows\system32\en-US
2013-10-10 19:06:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-03 05:48:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 15:15:14 ----D---- C:\Windows\system32\NDF
2013-09-15 15:24:28 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-09-15 15:24:28 ----D---- C:\Windows\system32\sk-SK
2013-08-31 20:01:37 ----D---- C:\Windows\system32\wfp
2013-08-31 20:01:33 ----D---- C:\Windows\system32\wbem
2013-08-31 20:00:57 ----D---- C:\Windows\AppCompat
2013-08-31 20:00:53 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2000-01-01 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2000-01-01 42624]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2000-01-01 16552]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-21 564824]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files (x86)\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-16 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-16 43680]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2000-01-01 6660608]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2000-01-01 195584]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2000-01-01 96896]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-08-07 3058168]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 103536]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2000-01-01 56448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2000-01-01 6660608]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 42184]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2010-02-03 60408]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2000-01-01 202752]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 361984]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-02 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-02-25 196464]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#3 Příspěvek od gromo »

Dík za odpoveď. :wink: Padol mi internet, takže sa opsravedlňujem za zdržanie.

log z AdwCleanera:

# AdwCleaner v3.011 - Report created 05/11/2013 at 10:15:11
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Uzivatel - ĽUBOŠ
# Running from : C:\Users\Uzivatel\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DOwnolooadd kaeeper
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\Users\Uzivatel\AppData\Local\GamePlayLabs Plugin
Folder Deleted : C:\Users\Uzivatel\AppData\Roaming\EZDownloader
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\a53d7dfb33db813
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKCU\Software\GamePlayLabs
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v24.0 (sk)

[ File : C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default\prefs.js ]

Line Deleted : user_pref("extensions.a4KmTuRO.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement(\"script\");scrip[...]
Line Deleted : user_pref("extensions.lAFOXWGI8.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++[...]

*************************

AdwCleaner[R0].txt - [3363 octets] - [05/11/2013 10:08:15]
AdwCleaner[S0].txt - [3278 octets] - [05/11/2013 10:15:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3338 octets] ##########

log z JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Uzivatel on ut 05. 11. 2013 at 9:59:16,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\hdvid codec v1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3047231360-1637861669-50695928-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hdvid codec v1-codedownloader_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hdvid codec v1-codedownloader_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\livesupport_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\livesupport_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322432262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355435562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366436662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344434462}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322432262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355435562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366436662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344434462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355435562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366436662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344434462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_djvu-viewer-plug-in_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_djvu-viewer-plug-in_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_gimp[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_gimp[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_gimp[2]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_gimp[2]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_utorrent-64-bit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_utorrent-64-bit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355435562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366436662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344434462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_djvu-viewer-plug-in_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_djvu-viewer-plug-in_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_gimp[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_gimp[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_gimp[2]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_gimp[2]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_utorrent-64-bit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_utorrent-64-bit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8b0d31e7-0331-43cc-87cd-a472317f1305}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8b0d31e7-0331-43cc-87cd-a472317f1305}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Uzivatel\AppData\Roaming\complitly"
Successfully deleted: [Folder] "C:\Users\Uzivatel\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Uzivatel\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{0A253EE6-DD7D-4161-A781-261D234DD827}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{66242290-C39A-4C72-BA3A-C17ECD46A360}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{6D9249CE-0E79-408D-8FA5-9A0854F5AA7B}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{746061E8-5AF2-49C0-A1E7-8BC5CFFC0718}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{96A92409-F57B-4D1A-8C87-3BDCCBDE4768}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{BDE52B00-BDBC-4E63-B78A-5D867338B461}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{C07B9C17-0D76-4F5F-B1F0-FCEB11EF2C80}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{E90165ED-66FC-44A5-99C8-52EC22935F88}
Successfully deleted: [Empty Folder] C:\Users\Uzivatel\appdata\local\{F83FD8C7-5B87-405F-810A-D56F102FD1CB}



~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\Uzivatel\AppData\Roaming\mozilla\firefox\profiles\7upn4ma1.default\user.js
Successfully deleted: [File] C:\Users\Uzivatel\AppData\Roaming\mozilla\firefox\profiles\7upn4ma1.default\searchplugins\babylon1.xml
Successfully deleted: [File] C:\Users\Uzivatel\AppData\Roaming\mozilla\firefox\profiles\7upn4ma1.default\searchplugins\websearch.xml
Successfully deleted the following from C:\Users\Uzivatel\AppData\Roaming\mozilla\firefox\profiles\7upn4ma1.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=112572&babsrc=HP_ss&mntrId=ae9671db000000000000e839df4c9f69");
user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.wisesearch.info/?pid=714&r=2013/10/29&hid=8497998902200216871&lg=EN&cc=SK&unqvl=39&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("extensions.50b6ae1f24b05.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.a4KmTuRO.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.create
user_pref("extensions.lAFOXWGI8.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1
user_pref("keyword.URL", "hxxp://websearch.wisesearch.info/?pid=714&r=2013/10/29&hid=8497998902200216871&lg=EN&cc=SK&unqvl=39&l=1&q=");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.wisesearch.info/?pid=714&r=2013/10/29&hid=8497998902200216871&lg=EN&cc=SK&unqvl=39");
user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.wisesearch.info/?pid=714&r=2013/10/29&hid=8497998902200216871&lg=EN&cc=SK&unqvl=39&l=1&q=");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Uzivatel\AppData\Roaming\mozilla\firefox\profiles\7upn4ma1.default\minidumps [235 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 05. 11. 2013 at 10:06:35,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#4 Příspěvek od vyosek »

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#5 Příspěvek od gromo »

Nech sa páči:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Uzivatel (administrator) on ĽUBOŠ on 05-11-2013 10:51:55
Running from C:\Users\Uzivatel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: [97280 2009-07-14] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x11ADBF5632C0CE01
SearchScopes: HKLM - DefaultScope {2378B474-10FD-44DC-8113-66AE3D2A9120} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {149360C1-3F2F-469F-A273-6CF58F3CCF93} URL = http://rover.ebay.com/rover/1/710-71511 ... earchTerms}
SearchScopes: HKCU - {29752C35-3424-481B-AE70-F6FF55BFC5B6} URL =
SearchScopes: HKCU - {CBA3014C-B02A-4F1C-8D9A-9FB9E3BD7455} URL = http://www.amazon.co.uk/gp/search?ie=UT ... nkCode=ur2
BHO: HDvid Codec V1 - {11111111-1111-1111-1111-110311431162} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default
FF Homepage: https://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Adblock Plus - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\Program Files (x86)\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-16] ()
S3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-16] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-21] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-22] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 10:08 - 2013-11-05 10:15 - 00000000 ____D C:\AdwCleaner
2013-11-05 10:06 - 2013-11-05 10:06 - 00016891 _____ C:\Users\Uzivatel\Desktop\JRT.txt
2013-11-05 09:59 - 2013-11-05 09:59 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 09:57 - 2013-11-05 09:58 - 01073258 _____ C:\Users\Uzivatel\Desktop\adwcleaner.exe
2013-11-05 09:56 - 2013-11-05 09:58 - 01033335 _____ (Thisisu) C:\Users\Uzivatel\Desktop\JRT.exe
2013-11-05 09:34 - 2013-11-05 09:34 - 00000000 ____D C:\FRST
2013-11-05 09:32 - 2013-11-05 09:32 - 00112128 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2013-11-05 09:31 - 2013-11-05 09:32 - 01957098 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2013-11-05 08:03 - 2013-11-05 08:07 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 08:03 - 2013-11-05 08:03 - 00000000 ____D C:\rsit
2013-11-05 08:02 - 2013-11-05 08:02 - 00935175 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2013-11-02 22:20 - 2013-11-05 10:16 - 00000504 _____ C:\Windows\setupact.log
2013-11-02 22:20 - 2013-11-02 22:20 - 00000300 _____ C:\Windows\PFRO.log
2013-10-29 18:02 - 2013-10-29 18:02 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-29 18:00 - 2013-10-29 18:04 - 00000000 ____D C:\ProgramData\34d35070391cfe90
2013-10-29 18:00 - 2013-10-29 18:02 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-29 16:29 - 2013-10-29 16:29 - 00003140 _____ C:\Windows\System32\Tasks\{85ECEA2B-53B5-4492-A5AA-0936653D03D7}
2013-10-23 20:04 - 2012-04-08 23:40 - 00079360 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-21 06:53 - 2013-10-21 06:53 - 00007601 _____ C:\Users\Uzivatel\AppData\Local\recently-used.xbel
2013-10-16 13:21 - 2013-10-16 13:21 - 00003694 _____ C:\Windows\System32\Tasks\Adobe online update program
2013-10-14 14:34 - 2013-11-05 10:48 - 00000000 ____D C:\Users\Uzivatel\Akty X
2013-10-10 16:24 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 16:24 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 16:24 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 16:24 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 16:24 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 16:24 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 16:24 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 16:24 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 16:24 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 16:24 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 16:24 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 16:24 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 16:24 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 16:24 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 16:24 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 16:24 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 16:24 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 16:24 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 16:24 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 16:24 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 16:24 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 16:24 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 16:24 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 16:24 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 16:24 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 16:24 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 16:24 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 16:24 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 16:24 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 16:24 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-10-10 16:24 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-10-10 16:23 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 16:23 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 16:23 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 16:23 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 16:23 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 16:23 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 16:23 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 16:23 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 16:23 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 16:23 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 16:23 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 16:23 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 16:23 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 16:23 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 16:23 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 16:23 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 16:23 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 16:23 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 13:44 - 2013-10-08 13:45 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-08 12:29 - 2013-10-08 12:33 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

==================== One Month Modified Files and Folders =======

2013-11-05 10:48 - 2013-10-14 14:34 - 00000000 ____D C:\Users\Uzivatel\Akty X
2013-11-05 10:27 - 2012-05-22 10:00 - 01817189 _____ C:\Windows\WindowsUpdate.log
2013-11-05 10:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-11-05 10:23 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-05 10:23 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-05 10:21 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-05 10:16 - 2013-11-02 22:20 - 00000504 _____ C:\Windows\setupact.log
2013-11-05 10:16 - 2012-02-22 21:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-11-05 10:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 10:15 - 2013-11-05 10:08 - 00000000 ____D C:\AdwCleaner
2013-11-05 10:06 - 2013-11-05 10:06 - 00016891 _____ C:\Users\Uzivatel\Desktop\JRT.txt
2013-11-05 10:06 - 2012-06-06 13:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 09:59 - 2013-11-05 09:59 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 09:58 - 2013-11-05 09:57 - 01073258 _____ C:\Users\Uzivatel\Desktop\adwcleaner.exe
2013-11-05 09:58 - 2013-11-05 09:56 - 01033335 _____ (Thisisu) C:\Users\Uzivatel\Desktop\JRT.exe
2013-11-05 09:34 - 2013-11-05 09:34 - 00000000 ____D C:\FRST
2013-11-05 09:32 - 2013-11-05 09:32 - 00112128 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2013-11-05 09:32 - 2013-11-05 09:31 - 01957098 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2013-11-05 09:01 - 2012-11-15 10:27 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2013-11-05 08:07 - 2013-11-05 08:03 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 08:03 - 2013-11-05 08:03 - 00000000 ____D C:\rsit
2013-11-05 08:02 - 2013-11-05 08:02 - 00935175 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2013-11-05 00:03 - 2013-02-07 19:15 - 00000000 ___RD C:\Users\Uzivatel\Desktop\Filmotéka
2013-11-03 20:44 - 2010-09-08 15:30 - 00000000 ____D C:\Users\Uzivatel
2013-11-02 22:20 - 2013-11-02 22:20 - 00000300 _____ C:\Windows\PFRO.log
2013-11-02 20:54 - 2010-04-15 07:22 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-10-29 18:04 - 2013-10-29 18:00 - 00000000 ____D C:\ProgramData\34d35070391cfe90
2013-10-29 18:02 - 2013-10-29 18:02 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-29 18:02 - 2013-10-29 18:00 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-29 17:56 - 2010-09-08 15:30 - 00000000 ___RD C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-29 17:13 - 2010-04-15 06:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-29 16:29 - 2013-10-29 16:29 - 00003140 _____ C:\Windows\System32\Tasks\{85ECEA2B-53B5-4492-A5AA-0936653D03D7}
2013-10-29 08:40 - 2011-04-28 16:28 - 00000000 ____D C:\Windows\Minidump
2013-10-28 18:23 - 2013-03-15 19:35 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\BitTorrent
2013-10-28 15:33 - 2010-11-10 10:16 - 00000000 ____D C:\Users\Public\Documents\Škola
2013-10-23 19:05 - 2011-03-26 20:17 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\Google
2013-10-23 16:05 - 2010-11-12 18:49 - 00000648 _____ C:\Windows\SysWOW64\ealregsnapshot1.reg
2013-10-21 06:53 - 2013-10-21 06:53 - 00007601 _____ C:\Users\Uzivatel\AppData\Local\recently-used.xbel
2013-10-16 13:21 - 2013-10-16 13:21 - 00003694 _____ C:\Windows\System32\Tasks\Adobe online update program
2013-10-16 01:53 - 2013-04-14 10:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-16 01:53 - 2013-04-14 10:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-16 01:53 - 2012-10-17 17:22 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-14 21:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-14 07:33 - 2009-07-14 05:45 - 00446488 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 07:32 - 2012-05-10 14:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-14 07:19 - 2013-08-31 20:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 07:17 - 2012-05-10 14:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-14 07:07 - 2013-08-31 20:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 07:05 - 2010-10-14 16:16 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 19:06 - 2012-06-06 13:11 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 19:06 - 2012-04-10 22:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 19:06 - 2011-05-20 16:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 13:45 - 2013-10-08 13:44 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-08 12:37 - 2010-09-08 15:35 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\VirtualStore
2013-10-08 12:33 - 2013-10-08 12:29 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

Some content of TEMP:
====================
C:\Users\Uzivatel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-24 21:35

==================== End Of Log ============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#6 Příspěvek od vyosek »

Spustil jste FRST64.exe nebo FRSTLauncher???

Jelikoz log naznacuje, ze byl spusten jen FRST64.exe a ne ten Launcher :?:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#7 Příspěvek od gromo »

Urobil som nový sken, presne podľa návodu, malo by to byť ok.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Uzivatel (administrator) on ĽUBOŠ on 05-11-2013 11:11:29
Running from C:\Users\Uzivatel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: [97280 2009-07-14] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x11ADBF5632C0CE01
SearchScopes: HKLM - DefaultScope {2378B474-10FD-44DC-8113-66AE3D2A9120} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {149360C1-3F2F-469F-A273-6CF58F3CCF93} URL = http://rover.ebay.com/rover/1/710-71511 ... earchTerms}
SearchScopes: HKCU - {29752C35-3424-481B-AE70-F6FF55BFC5B6} URL =
SearchScopes: HKCU - {CBA3014C-B02A-4F1C-8D9A-9FB9E3BD7455} URL = http://www.amazon.co.uk/gp/search?ie=UT ... nkCode=ur2
BHO: HDvid Codec V1 - {11111111-1111-1111-1111-110311431162} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default
FF Homepage: https://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Adblock Plus - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7upn4ma1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files (x86)\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\Program Files (x86)\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-16] ()
S3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-16] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-21] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-22] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 10:08 - 2013-11-05 10:15 - 00000000 ____D C:\AdwCleaner
2013-11-05 09:59 - 2013-11-05 09:59 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 09:57 - 2013-11-05 09:58 - 01073258 _____ C:\Users\Uzivatel\Desktop\adwcleaner.exe
2013-11-05 09:56 - 2013-11-05 09:58 - 01033335 _____ (Thisisu) C:\Users\Uzivatel\Desktop\JRT.exe
2013-11-05 09:34 - 2013-11-05 09:34 - 00000000 ____D C:\FRST
2013-11-05 09:32 - 2013-11-05 09:32 - 00112128 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2013-11-05 09:31 - 2013-11-05 09:32 - 01957098 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2013-11-05 08:03 - 2013-11-05 08:07 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 08:03 - 2013-11-05 08:03 - 00000000 ____D C:\rsit
2013-11-05 08:02 - 2013-11-05 08:02 - 00935175 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2013-11-02 22:20 - 2013-11-05 10:16 - 00000504 _____ C:\Windows\setupact.log
2013-11-02 22:20 - 2013-11-02 22:20 - 00000300 _____ C:\Windows\PFRO.log
2013-10-29 18:02 - 2013-10-29 18:02 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-29 18:00 - 2013-10-29 18:04 - 00000000 ____D C:\ProgramData\34d35070391cfe90
2013-10-29 18:00 - 2013-10-29 18:02 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-29 16:29 - 2013-10-29 16:29 - 00003140 _____ C:\Windows\System32\Tasks\{85ECEA2B-53B5-4492-A5AA-0936653D03D7}
2013-10-23 20:04 - 2012-04-08 23:40 - 00079360 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-21 06:53 - 2013-10-21 06:53 - 00007601 _____ C:\Users\Uzivatel\AppData\Local\recently-used.xbel
2013-10-16 13:21 - 2013-10-16 13:21 - 00003694 _____ C:\Windows\System32\Tasks\Adobe online update program
2013-10-14 14:34 - 2013-11-05 10:48 - 00000000 ____D C:\Users\Uzivatel\Akty X
2013-10-10 16:24 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 16:24 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 16:24 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 16:24 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 16:24 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 16:24 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 16:24 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 16:24 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 16:24 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 16:24 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 16:24 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 16:24 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 16:24 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 16:24 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 16:24 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 16:24 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 16:24 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 16:24 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 16:24 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 16:24 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 16:24 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 16:24 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 16:24 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 16:24 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 16:24 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 16:24 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 16:24 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 16:24 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 16:24 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 16:24 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-10-10 16:24 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-10-10 16:23 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 16:23 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 16:23 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 16:23 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 16:23 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 16:23 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 16:23 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 16:23 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 16:23 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 16:23 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 16:23 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 16:23 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 16:23 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 16:23 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 16:23 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 16:23 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 16:23 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 16:23 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 13:44 - 2013-10-08 13:45 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-08 12:29 - 2013-10-08 12:33 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

==================== One Month Modified Files and Folders =======

2013-11-05 11:08 - 2012-05-22 10:00 - 01819919 _____ C:\Windows\WindowsUpdate.log
2013-11-05 11:06 - 2012-06-06 13:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 10:48 - 2013-10-14 14:34 - 00000000 ____D C:\Users\Uzivatel\Akty X
2013-11-05 10:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-11-05 10:23 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-05 10:23 - 2009-07-14 05:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-05 10:21 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-05 10:16 - 2013-11-02 22:20 - 00000504 _____ C:\Windows\setupact.log
2013-11-05 10:16 - 2012-02-22 21:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-11-05 10:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 10:15 - 2013-11-05 10:08 - 00000000 ____D C:\AdwCleaner
2013-11-05 09:59 - 2013-11-05 09:59 - 00000000 ____D C:\Windows\ERUNT
2013-11-05 09:58 - 2013-11-05 09:57 - 01073258 _____ C:\Users\Uzivatel\Desktop\adwcleaner.exe
2013-11-05 09:58 - 2013-11-05 09:56 - 01033335 _____ (Thisisu) C:\Users\Uzivatel\Desktop\JRT.exe
2013-11-05 09:34 - 2013-11-05 09:34 - 00000000 ____D C:\FRST
2013-11-05 09:32 - 2013-11-05 09:32 - 00112128 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2013-11-05 09:32 - 2013-11-05 09:31 - 01957098 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2013-11-05 09:01 - 2012-11-15 10:27 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2013-11-05 08:07 - 2013-11-05 08:03 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 08:03 - 2013-11-05 08:03 - 00000000 ____D C:\rsit
2013-11-05 08:02 - 2013-11-05 08:02 - 00935175 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2013-11-05 00:03 - 2013-02-07 19:15 - 00000000 ___RD C:\Users\Uzivatel\Desktop\Filmotéka
2013-11-03 20:44 - 2010-09-08 15:30 - 00000000 ____D C:\Users\Uzivatel
2013-11-02 22:20 - 2013-11-02 22:20 - 00000300 _____ C:\Windows\PFRO.log
2013-11-02 20:54 - 2010-04-15 07:22 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-10-29 18:04 - 2013-10-29 18:00 - 00000000 ____D C:\ProgramData\34d35070391cfe90
2013-10-29 18:02 - 2013-10-29 18:02 - 00000000 ____D C:\ProgramData\WinterSoft
2013-10-29 18:02 - 2013-10-29 18:00 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-29 17:56 - 2010-09-08 15:30 - 00000000 ___RD C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-29 17:13 - 2010-04-15 06:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-29 16:29 - 2013-10-29 16:29 - 00003140 _____ C:\Windows\System32\Tasks\{85ECEA2B-53B5-4492-A5AA-0936653D03D7}
2013-10-29 08:40 - 2011-04-28 16:28 - 00000000 ____D C:\Windows\Minidump
2013-10-28 18:23 - 2013-03-15 19:35 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\BitTorrent
2013-10-28 15:33 - 2010-11-10 10:16 - 00000000 ____D C:\Users\Public\Documents\Škola
2013-10-23 19:05 - 2011-03-26 20:17 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\Google
2013-10-23 16:05 - 2010-11-12 18:49 - 00000648 _____ C:\Windows\SysWOW64\ealregsnapshot1.reg
2013-10-21 06:53 - 2013-10-21 06:53 - 00007601 _____ C:\Users\Uzivatel\AppData\Local\recently-used.xbel
2013-10-16 13:21 - 2013-10-16 13:21 - 00003694 _____ C:\Windows\System32\Tasks\Adobe online update program
2013-10-16 01:53 - 2013-04-14 10:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-16 01:53 - 2013-04-14 10:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-16 01:53 - 2012-10-17 17:22 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-14 21:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-14 07:33 - 2009-07-14 05:45 - 00446488 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 07:32 - 2012-05-10 14:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-14 07:19 - 2013-08-31 20:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 07:17 - 2012-05-10 14:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-14 07:07 - 2013-08-31 20:25 - 00000000 ____D C:\Windows\system32\MRT
2013-10-14 07:05 - 2010-10-14 16:16 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 19:06 - 2012-06-06 13:11 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 19:06 - 2012-04-10 22:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 19:06 - 2011-05-20 16:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 13:45 - 2013-10-08 13:44 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2013-10-08 12:37 - 2010-09-08 15:35 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\VirtualStore
2013-10-08 12:33 - 2013-10-08 12:29 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

Some content of TEMP:
====================
C:\Users\Uzivatel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-24 21:35




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (WINDOWS) (Fixed) (Total:232.73 GB) (Free:170.78 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.64 GB) (Free:225.17 GB) NTFS

Available physical RAM: 2736.71 MB
Total physical RAM: 4090.9 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 009D9EE5)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Uzivatel\Desktop" je 9322 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Je to nepríjemné, ale som na intráku, to pripojenie je momentálne biedne, takže často musím aj 5 ráz skúšať, kým mi odošle správu. :roll:
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#8 Příspěvek od gromo »

V príkazovom riadku FRSTLauncher.exe mi napíše 1 file moved, nabehne sken a log je ten, čo som dal. Je niekde chyba? Iný sken nemám.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#9 Příspěvek od vyosek »

:arrow: Nyni je jiz log OK, je tam pridana i skece vytvorena Launcherem

:arrow: Dejte mi par minutek nez napisu opravny skipt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#10 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: [97280 2009-07-14] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x11ADBF5632C0CE01
SearchScopes: HKLM - DefaultScope {2378B474-10FD-44DC-8113-66AE3D2A9120} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {149360C1-3F2F-469F-A273-6CF58F3CCF93} URL = http://rover.ebay.com/rover/1/710-71511 ... 4?satitle={searchTerms}
SearchScopes: HKCU - {29752C35-3424-481B-AE70-F6FF55BFC5B6} URL =
SearchScopes: HKCU - {CBA3014C-B02A-4F1C-8D9A-9FB9E3BD7455} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
BHO: HDvid Codec V1 - {11111111-1111-1111-1111-110311431162} - No File

FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST64.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#11 Příspěvek od gromo »

Pridávam log, dík.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by Uzivatel at 2013-11-05 13:18:08 Run:1
Running from C:\Users\Uzivatel\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: [97280 2009-07-14] ()
AppInit_DLLs-x32: [0 ] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute:

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x11ADBF5632C0CE01
SearchScopes: HKLM - DefaultScope {2378B474-10FD-44DC-8113-66AE3D2A9120} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {149360C1-3F2F-469F-A273-6CF58F3CCF93} URL = http://rover.ebay.com/rover/1/710-71511 ... 4?satitle={searchTerms}
SearchScopes: HKCU - {29752C35-3424-481B-AE70-F6FF55BFC5B6} URL =
SearchScopes: HKCU - {CBA3014C-B02A-4F1C-8D9A-9FB9E3BD7455} URL = http://www.amazon.co.uk/gp/search?ie=UT ... nkCode=ur2
BHO: HDvid Codec V1 - {11111111-1111-1111-1111-110311431162} - No File

FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:

End
*****************

HKU\Default User\Software\Microsoft\Windows\CurrentVersion\Run\\TOSHIBA Online Product Information => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk => Moved successfully.
C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{149360C1-3F2F-469F-A273-6CF58F3CCF93} => Key deleted successfully.
HKCR\CLSID\{149360C1-3F2F-469F-A273-6CF58F3CCF93} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{29752C35-3424-481B-AE70-F6FF55BFC5B6} => Key deleted successfully.
HKCR\CLSID\{29752C35-3424-481B-AE70-F6FF55BFC5B6} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CBA3014C-B02A-4F1C-8D9A-9FB9E3BD7455} => Key deleted successfully.
HKCR\CLSID\{CBA3014C-B02A-4F1C-8D9A-9FB9E3BD7455} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110311431162} => Key deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#12 Příspěvek od vyosek »

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Doporucuji provest defragmentaci disku
  • Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
    • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
    • prepnete se do zalozky Nastroje
    • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
    • Toto provedte se vsemi disky
  • Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
    • Kliknete na Analyzovat
    • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
    • Postup provedte se vsemi disky
  • Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • Vyhodou programku je, ze se neinstaluje
    • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
    • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
    • Probehne analyza disku a nasledne i defragmentace
:arrow: Napiste, jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#13 Příspěvek od gromo »

Štart Windowsu je svižnejší, trochu sa to prečistilo, zaujímalo by ma, či je momentálne dostupný nejaký free antivírus, ktorý by poskytol lepšiu ochranu ako MSE v kombinácii s ESET Online Scanerom. Ďakujem za radu. :wink:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Spomalený nábeh systému

#14 Příspěvek od vyosek »

:arrow: Z bezplatnych bezpecnosnich produktu mohu doporucit Avast Free nebo BItDefender Free
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
gromo
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 28 bře 2010 16:45

Re: Spomalený nábeh systému

#15 Příspěvek od gromo »

Dobre, ďakujem za pomoc a rady, môžete to zamknúť.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“