
Please check - slowed-down notebook

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Please check - slowed-down notebook

#1 Post by strata »

Logfile of random's system information tool 1.08 (written by random/random)
Run by radka at 2014-01-04 14:53:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 237 GB (55%) free of 432 GB
Total RAM: 2814 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:46, on 4.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\trend micro\radka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLATOR\WEBIE.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12086 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atibtmon.exe Global\Ati_VariBrightMonitorEvent
C:\windows\system32\WLANExt.exe 4720176
\??\C:\windows\system32\conhost.exe "616884521-1528508142-1562879552-46525628216575434942772388911380923383-107760498
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {7EB201E3-60D0-46BE-85FB-16F7FA9A96EB}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
System32\TPHDEXLG64.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2880
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cfbdca64-6a29-4c22-b54a-79a981f0e057 -SystemEventPortName:HostProcess-955f8f96-07f2-494f-b5b9-a65a663e4af3 -IoCancelEventPortName:HostProcess-1138502c-e318-4187-82e4-a56440915948 -NonStateChangingEventPortName:HostProcess-6c885532-3af0-4f2b-9fdb-8a2ac37cd76c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cd0643e4-6dbf-4428-a9c7-fd78c7d8e87e -DeviceGroupId:WpdFsGroup
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4884.f61b700.1052765571 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4884 "\\.\pipe\gecko-crash-server-pipe.4884" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash4132.6FC563D8.16487 --host-broker-channel=Flash4132.6FC563D8.4141 --host-pid=4132 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=2008.0058F8A0.740302139 --proxy-stub-channel=Flash4132.6FC563D8.16487 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Users\radka\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-04 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-02 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-02 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLATOR\WEBIE.DLL [2011-03-09 114688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-20 10151968]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-04-20 908320]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"TpShocks"=C:\Windows\System32\TpShocks.exe [2010-03-15 231328]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2010-10-20 3122528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-03-02 171104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-13 98304]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-01-04 14:53:17 ----D---- C:\rsit
2013-12-25 10:56:04 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-25 10:56:01 ----A---- C:\windows\system32\ieui.dll
2013-12-25 10:56:00 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-25 10:56:00 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-25 10:56:00 ----A---- C:\windows\system32\jsproxy.dll
2013-12-25 10:55:59 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-25 10:55:58 ----A---- C:\windows\system32\iesetup.dll
2013-12-25 10:55:58 ----A---- C:\windows\system32\iernonce.dll
2013-12-25 10:55:58 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-25 10:55:57 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-25 10:55:56 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-25 10:55:55 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-25 10:55:55 ----A---- C:\windows\system32\mshtml.dll
2013-12-25 10:55:55 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-25 10:55:54 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-25 10:55:53 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-25 10:55:52 ----A---- C:\windows\system32\iertutil.dll
2013-12-25 10:55:51 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-25 10:55:51 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-25 10:55:50 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-25 10:55:50 ----A---- C:\windows\system32\wininet.dll
2013-12-25 10:55:49 ----A---- C:\windows\system32\urlmon.dll
2013-12-25 10:55:45 ----A---- C:\windows\system32\ieframe.dll
2013-12-25 10:55:43 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-25 10:55:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-25 10:55:41 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-25 10:55:40 ----A---- C:\windows\system32\jscript9.dll
2013-12-24 12:08:34 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-24 11:57:58 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-24 11:57:58 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-24 11:57:48 ----A---- C:\windows\system32\elshyph.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-24 11:57:44 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 11:57:44 ----A---- C:\windows\system32\msls31.dll
2013-12-24 11:57:44 ----A---- C:\windows\system32\jsIntl.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 11:57:43 ----A---- C:\windows\system32\msrating.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\mshtmler.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-24 11:57:43 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\iesysprep.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-24 11:57:42 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\webcheck.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\url.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\licmgr10.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\icardie.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\dxtrans.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\dxtmsft.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\wextract.exe
2013-12-24 11:57:40 ----A---- C:\windows\system32\vbscript.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\pngfilt.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\occache.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\mshtmled.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\msfeeds.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\inseng.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\iexpress.exe
2013-12-24 11:57:39 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-24 11:57:39 ----A---- C:\windows\system32\mshta.exe
2013-12-24 11:57:39 ----A---- C:\windows\system32\jscript.dll
2013-12-24 11:57:39 ----A---- C:\windows\system32\imgutil.dll
2013-12-24 11:57:39 ----A---- C:\windows\system32\iepeers.dll
2013-12-13 16:00:11 ----A---- C:\windows\system32\wmploc.DLL
2013-12-13 16:00:08 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-13 16:00:07 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-13 16:00:02 ----A---- C:\windows\system32\wmp.dll
2013-12-11 08:46:51 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-11 08:46:51 ----A---- C:\windows\system32\msieftp.dll
2013-12-11 08:46:49 ----A---- C:\windows\system32\win32k.sys
2013-12-11 08:46:48 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-11 08:46:48 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-11 08:46:46 ----A---- C:\windows\system32\imagehlp.dll
2013-12-11 08:46:45 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-11 08:46:30 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-11 08:46:30 ----A---- C:\windows\system32\tzres.dll
2013-12-11 08:45:48 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-11 08:45:48 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-11 08:45:46 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-11 08:45:46 ----A---- C:\windows\system32\scrrun.dll
2013-12-11 08:45:46 ----A---- C:\windows\system32\cscript.exe
2013-12-11 08:45:45 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-11 08:45:45 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-11 08:45:45 ----A---- C:\windows\system32\wscript.exe
2013-12-08 16:59:35 ----D---- C:\Program Files (x86)\CCleaner
2013-12-08 16:08:52 ----D---- C:\Users\radka\AppData\Roaming\calibre
2013-12-08 16:04:19 ----D---- C:\Program Files\Calibre2
2013-12-05 00:37:45 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 months======

2014-01-04 14:53:46 ----D---- C:\Program Files\trend micro
2014-01-04 14:52:39 ----D---- C:\windows\Temp
2014-01-04 14:51:49 ----D---- C:\Users\radka\AppData\Roaming\Skype
2014-01-04 14:26:46 ----D---- C:\windows\system32\config
2014-01-04 14:04:23 ----D---- C:\Windows
2014-01-03 21:48:24 ----D---- C:\Users\radka\AppData\Roaming\vlc
2014-01-03 19:39:48 ----D---- C:\Radka
2014-01-03 19:25:14 ----D---- C:\Users\radka\AppData\Roaming\Media Player Classic
2014-01-03 17:18:20 ----D---- C:\windows\System32
2014-01-03 17:18:20 ----D---- C:\windows\inf
2014-01-03 17:18:20 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-01 20:06:37 ----SHD---- C:\System Volume Information
2014-01-01 09:18:10 ----D---- C:\windows\system32\catroot2
2013-12-30 21:06:03 ----SHD---- C:\windows\Installer
2013-12-28 09:58:38 ----D---- C:\windows\Prefetch
2013-12-25 11:07:51 ----D---- C:\windows\winsxs
2013-12-25 11:06:38 ----D---- C:\windows\SysWOW64
2013-12-25 11:06:38 ----D---- C:\Program Files\Internet Explorer
2013-12-25 11:06:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-25 10:57:06 ----D---- C:\windows\system32\catroot
2013-12-24 13:55:46 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-24 13:55:46 ----D---- C:\windows\system32\cs-CZ
2013-12-24 13:55:42 ----D---- C:\windows\SYSWOW64\migration
2013-12-24 13:55:41 ----D---- C:\windows\SYSWOW64\en-US
2013-12-24 13:55:37 ----D---- C:\windows\system32\migration
2013-12-24 13:55:37 ----D---- C:\windows\PolicyDefinitions
2013-12-24 13:55:35 ----D---- C:\windows\system32\en-US
2013-12-24 12:08:34 ----D---- C:\windows\Logs
2013-12-16 23:15:16 ----D---- C:\windows\debug
2013-12-14 22:24:16 ----D---- C:\windows\system32\MRT
2013-12-14 22:07:00 ----A---- C:\windows\system32\MRT.exe
2013-12-13 16:19:19 ----D---- C:\Program Files\Windows Media Player
2013-12-13 16:19:19 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 16:19:15 ----D---- C:\windows\system32\DriverStore
2013-12-13 16:19:14 ----D---- C:\windows\system32\drivers
2013-12-13 15:54:21 ----D---- C:\ProgramData\Microsoft Help
2013-12-11 11:07:47 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 10:08:18 ----D---- C:\windows\Tasks
2013-12-08 16:59:35 ----RD---- C:\Program Files (x86)
2013-12-08 16:04:19 ----RD---- C:\Program Files
2013-12-05 23:13:02 ----D---- C:\windows\system32\drivers\etc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Shockprf;Shockprf; C:\windows\System32\DRIVERS\Apsx64.sys [2009-12-09 135264]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-03-15 564824]
R0 TPDIGIMN;TPDIGIMN; C:\windows\System32\DRIVERS\ApsHM64.sys [2009-12-09 23648]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-18 28176]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-02-02 3058168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-04-20 2350240]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2010-01-26 214912]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-15 79376]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-13 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-13 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-27 80384]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-14 98344]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2010-01-14 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-14 21288]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2012-11-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-13 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-13 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-28 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-01-13 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-04-20 903456]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\windows\System32\TPHDEXLG64.exe [2009-12-09 47712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-16 182768]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 IGRS;IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-11 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-19 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-02 1255736]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check - slowed-down laptop

#2 Post by Márty84 »

Hello :)

→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and the program will start working.
When it finishes, it will spit out a log (if not, you will find it here: C:\AdwCleaner\AdwCleaner[R?].txt ); copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#3 Post by strata »

so here it is:

# AdwCleaner v3.016 - Report created 04/01/2014 at 15:25:01
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : radka - RADKA-PC
# Running from : C:\Users\radka\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v12.0 (cs)

[ File : C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\prefs.js ]

Line Found : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Found : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Found : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Found : user_pref("extensions.helperbar.Visibility", false);

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1171 octets] - [04/01/2014 15:25:01]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1231 octets] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check - slowed-down laptop

#4 Post by Márty84 »

→ Close all programs again and run AdwCleaner as administrator.
This time click Clean.
The program will start working (the PC may restart) and will spit out another log (or it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me again.


→ Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will be displayed after a moment.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste here (Ctrl+V) whatever gets copied (it is stored in memory).


→ Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#5 Post by strata »

# AdwCleaner v3.016 - Report created 04/01/2014 at 15:46:32
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : radka - RADKA-PC
# Running from : C:\Users\radka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v12.0 (cs)

[ File : C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\prefs.js ]

Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1311 octets] - [04/01/2014 15:25:01]
AdwCleaner[S1].txt - [1242 octets] - [04/01/2014 15:46:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1302 octets] ##########

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#6 Post by strata »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/01/04 15:53:29

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HITACHI HTS545050B9A300 ATA Device
- ATA Channel 1 (1) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ ABQWG7W0 IDE Controller [SCSI]
- MBQXWJ 8DA70PMJGL SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) HITACHI HTS545050B9A300 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HITACHI HTS545050B9A300
----------------------------------------------------------------------------
Model : HITACHI HTS545050B9A300
Firmware : PB4ZC61H
Serial Number : 101005PBN40317K77V8E
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 7208 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/150
Power On Hours : 5118 hod.
Power On Count : 5453 krát
Temparature : 37 C (98 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 139 139 _33 001600000002 Čas na roztočení ploten
04 _97 _97 __0 000000001552 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _89 _89 __0 0000000013FE Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 00000000154D Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000FFFF0019 Počet vypnutí disku
C1 _85 _85 __0 00000002683B Počet cyklů načítání/vymazání
C2 148 148 __0 003A00030025 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#7 Post by strata »

and here is the last one.
just for info - the antivirus + firewall were not deactivated before starting

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
radka :: RADKA-PC [administrátor]

Ochrana: Povolena

4.1.2014 16:07:15
MBAM-log-2014-01-04 (18-47-40).txt

Typ: Kompletní kontrola (C:\|D:\|Q:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 396382
Uplynulý čas: 2 hodin, 34 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: google_fileopenerpro-display-dco-CA-300x250-26901127122 -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard (PUP.Optional.BrowserSafeGuard) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 2
C:\Windows\Installer\ffedf8.msi (PUP.Optional.SmartBar.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard\BrowserSafeguard.lnk (PUP.Optional.BrowserSafeGuard) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check - slowed-down laptop

#8 Post by Márty84 »

strata wrote: just for info - the antivirus + firewall were not deactivated before starting
That doesn't matter for this one :)

→ Have all the findings removed, then uninstall MBAM.

→ Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to your desktop, right-click it and then left-click Run as administrator.
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Zprava (Report) and a log will appear. Paste it here for me.

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#9 Post by strata »

Hello, and I'm sending another log

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : radka [Práva správce]
Mód : Kontrola -- Datum : 01/05/2014 16:03:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] VisualBeeRecovery : C:\Users\radka\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe - /s [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) HITACHI HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] 6c0a37da5b8ad7ac53135291472ee0de
[BSP] 4aa7b3e28214effc41f8dc5c86c9510c : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 431938 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 885020672 | Size: 29692 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) SD Card +++++
--- User ---
[MBR] c1366966eeca389a2065850b716ca63e
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_01052014_160319.txt >>

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check - slowed-down laptop

#10 Post by Márty84 »

→ Run RogueKiller as administrator again (if you have not closed it yet, go straight to clicking Smazat (Delete))
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Hosts) and Zprava (Report).
Another log will appear. Paste that one here as well.

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#11 Post by strata »

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : radka [Práva správce]
Mód : Odebrat -- Datum : 01/06/2014 09:25:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) HITACHI HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] 6c0a37da5b8ad7ac53135291472ee0de
[BSP] 4aa7b3e28214effc41f8dc5c86c9510c : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 431938 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 885020672 | Size: 29692 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) SD Card +++++
--- User ---
[MBR] c1366966eeca389a2065850b716ca63e
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_01062014_092509.txt >>
RKreport[0]_D_01062014_090853.txt;RKreport[0]_S_01062014_091430.txt

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#12 Post by strata »

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : radka [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/06/2014 09:27:23
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_01062014_092723.txt >>
RKreport[0]_D_01062014_090853.txt;RKreport[0]_D_01062014_092509.txt;RKreport[0]_S_01062014_091430.txt

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check - slowed-down laptop

#13 Post by Márty84 »

Post a new log from RSIT

strata
Visitor
Posts: 107
Registered: 04 Dec 2013 21:39

Re: please check - slowed-down laptop

#14 Post by strata »

Logfile of random's system information tool 1.08 (written by random/random)
Run by radka at 2014-01-06 10:56:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 233 GB (54%) free of 432 GB
Total RAM: 2814 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:27, on 6.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\trend micro\radka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLATOR\WEBIE.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLATOR\WEBIE.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12275 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 3077088
\??\C:\windows\system32\conhost.exe "385183889-456770450-1769358672801284595-745589146-132567653420560128481471663215
"C:\windows\system32\Dwm.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\Explorer.EXE
taskeng.exe {07B42197-3F6A-4152-B6B5-91A0B12E7F96}
"taskhost.exe"
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
System32\TPHDEXLG64.exe
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2820
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-349724b5-1e39-4b07-9d25-5c447a85efbf -SystemEventPortName:HostProcess-081d8d49-65d7-49a6-a89e-5785bef17e47 -IoCancelEventPortName:HostProcess-8c1497a6-ef3d-45c5-a532-d655135671fd -NonStateChangingEventPortName:HostProcess-95977705-1c59-4f46-896b-76728d308599 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bca9da6d-7437-4805-b5b3-48baad78c059 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "C:\Users\radka\Desktop\The War of Art - Steven Pressfield\Pressfield, Steven\War of Art, The\War of Art, The - Steven Pressfield.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=3324.1.1029503409 --type=renderer "C:\Users\radka\Desktop\The War of Art - Steven Pressfield\Pressfield, Steven\War of Art, The\War of Art, The - Steven Pressfield.pdf"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:11.0 /MODE:2
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4244.57d1a00.424676395 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4244 "\\.\pipe\gecko-crash-server-pipe.4244" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash2668.6E9863D8.18523 --host-broker-channel=Flash2668.6E9863D8.24232 --host-pid=2668 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=1656.0033F1A4.714555893 --proxy-stub-channel=Flash2668.6E9863D8.18523 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
C:\windows\system32\atibtmon.exe Global\Ati_VariBrightMonitorEvent
wmiadap.exe /R /T
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe33_ Global\UsGthrCtrlFltPipeMssGthrPipe33 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Users\radka\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-04 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-02 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-02 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLATOR\WEBIE.DLL [2011-03-09 114688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-20 10151968]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-04-20 908320]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"TpShocks"=C:\Windows\System32\TpShocks.exe [2010-03-15 231328]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2010-10-20 3122528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-03-02 171104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-13 98304]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-01-05 16:03:07 ----A---- C:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-05 16:03:07 ----A---- C:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-05 16:03:06 ----A---- C:\windows\system32\drivers\wsvd.sys.bak
2014-01-05 16:03:06 ----A---- C:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-05 16:03:06 ----A---- C:\windows\system32\drivers\wmilib.sys.bak
2014-01-05 16:03:06 ----A---- C:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-05 16:03:06 ----A---- C:\windows\system32\drivers\winusb.sys.bak
2014-01-05 16:03:05 ----A---- C:\windows\system32\drivers\wimmount.sys.bak
2014-01-05 16:03:05 ----A---- C:\windows\system32\drivers\WimFltr.sys.bak
2014-01-05 16:03:05 ----A---- C:\windows\system32\drivers\wfplwf.sys.bak
2014-01-05 16:03:05 ----A---- C:\windows\system32\drivers\WDMirror.sys.bak
2014-01-05 16:03:05 ----A---- C:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-05 16:03:04 ----A---- C:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-05 16:03:04 ----A---- C:\windows\system32\drivers\WDBridge.sys.bak
2014-01-05 16:03:04 ----A---- C:\windows\system32\drivers\wd.sys.bak
2014-01-05 16:03:04 ----A---- C:\windows\system32\drivers\watchdog.sys.bak
2014-01-05 16:03:03 ----A---- C:\windows\system32\drivers\wanarp.sys.bak
2014-01-05 16:03:03 ----A---- C:\windows\system32\drivers\wacompen.sys.bak
2014-01-05 16:03:03 ----A---- C:\windows\system32\drivers\vwifimp.sys.bak
2014-01-05 16:03:03 ----A---- C:\windows\system32\drivers\vwififlt.sys.bak
2014-01-05 16:03:03 ----A---- C:\windows\system32\drivers\vwifibus.sys.bak
2014-01-05 16:03:02 ----A---- C:\windows\system32\drivers\vsmraid.sys.bak
2014-01-05 16:03:02 ----A---- C:\windows\system32\drivers\volsnap.sys.bak
2014-01-05 16:03:02 ----A---- C:\windows\system32\drivers\volmgrx.sys.bak
2014-01-05 16:03:01 ----A---- C:\windows\system32\drivers\volmgr.sys.bak
2014-01-05 16:03:01 ----A---- C:\windows\system32\drivers\vm331avs.sys.bak
2014-01-05 16:03:01 ----A---- C:\windows\system32\drivers\videoprt.sys.bak
2014-01-05 16:03:01 ----A---- C:\windows\system32\drivers\viaide.sys.bak
2014-01-05 16:03:01 ----A---- C:\windows\system32\drivers\vhdmp.sys.bak
2014-01-05 16:03:00 ----A---- C:\windows\system32\drivers\vgapnp.sys.bak
2014-01-05 16:03:00 ----A---- C:\windows\system32\drivers\vga.sys.bak
2014-01-05 16:03:00 ----A---- C:\windows\system32\drivers\vdrvroot.sys.bak
2014-01-05 16:03:00 ----A---- C:\windows\system32\drivers\usbvideo.sys.bak
2014-01-05 16:02:59 ----A---- C:\windows\system32\drivers\usbuhci.sys.bak
2014-01-05 16:02:59 ----A---- C:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-05 16:02:59 ----A---- C:\windows\system32\drivers\usbser_lowerfltx64.sys.bak
2014-01-05 16:02:59 ----A---- C:\windows\system32\drivers\usbser_lowerfltjx64.sys.bak
2014-01-05 16:02:59 ----A---- C:\windows\system32\drivers\usbser.sys.bak
2014-01-05 16:02:58 ----A---- C:\windows\system32\drivers\usbrpm.sys.bak
2014-01-05 16:02:58 ----A---- C:\windows\system32\drivers\usbprint.sys.bak
2014-01-05 16:02:58 ----A---- C:\windows\system32\drivers\usbport.sys.bak
2014-01-05 16:02:58 ----A---- C:\windows\system32\drivers\usbohci.sys.bak
2014-01-05 16:02:57 ----A---- C:\windows\system32\drivers\usbhub.sys.bak
2014-01-05 16:02:57 ----A---- C:\windows\system32\drivers\usbehci.sys.bak
2014-01-05 16:02:57 ----A---- C:\windows\system32\drivers\usbd.sys.bak
2014-01-05 16:02:57 ----A---- C:\windows\system32\drivers\usbcir.sys.bak
2014-01-05 16:02:57 ----A---- C:\windows\system32\drivers\usbccgp.sys.bak
2014-01-05 16:02:56 ----A---- C:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-05 16:02:56 ----A---- C:\windows\system32\drivers\usb8023.sys.bak
2014-01-05 16:02:56 ----A---- C:\windows\system32\drivers\umpass.sys.bak
2014-01-05 16:02:56 ----A---- C:\windows\system32\drivers\umbus.sys.bak
2014-01-05 16:02:55 ----A---- C:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-05 16:02:55 ----A---- C:\windows\system32\drivers\udfs.sys.bak
2014-01-05 16:02:55 ----A---- C:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-05 16:02:55 ----A---- C:\windows\system32\drivers\tunnel.sys.bak
2014-01-05 16:02:55 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-05 16:02:54 ----A---- C:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-05 16:02:54 ----A---- C:\windows\system32\drivers\termdd.sys.bak
2014-01-05 16:02:54 ----A---- C:\windows\system32\drivers\tdx.sys.bak
2014-01-05 16:02:54 ----A---- C:\windows\system32\drivers\tdtcp.sys.bak
2014-01-05 16:02:53 ----A---- C:\windows\system32\drivers\tdpipe.sys.bak
2014-01-05 16:02:53 ----A---- C:\windows\system32\drivers\tdi.sys.bak
2014-01-05 16:02:52 ----A---- C:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-05 16:02:52 ----A---- C:\windows\system32\drivers\tcpip.sys.bak
2014-01-05 16:02:52 ----A---- C:\windows\system32\drivers\tape.sys.bak
2014-01-05 16:02:51 ----A---- C:\windows\system32\drivers\SynTP.sys.bak
2014-01-05 16:02:51 ----A---- C:\windows\system32\drivers\swenum.sys.bak
2014-01-05 16:02:51 ----A---- C:\windows\system32\drivers\stream.sys.bak
2014-01-05 16:02:51 ----A---- C:\windows\system32\drivers\storport.sys.bak
2014-01-05 16:02:51 ----A---- C:\windows\system32\drivers\stexstor.sys.bak
2014-01-05 16:02:50 ----A---- C:\windows\system32\drivers\srvnet.sys.bak
2014-01-05 16:02:50 ----A---- C:\windows\system32\drivers\srv2.sys.bak
2014-01-05 16:02:50 ----A---- C:\windows\system32\drivers\srv.sys.bak
2014-01-05 16:02:45 ----A---- C:\windows\system32\drivers\sptd.sys.bak
2014-01-05 16:02:44 ----A---- C:\windows\system32\drivers\spsys.sys.bak
2014-01-05 16:02:44 ----A---- C:\windows\system32\drivers\spldr.sys.bak
2014-01-05 16:02:44 ----A---- C:\windows\system32\drivers\smclib.sys.bak
2014-01-05 16:02:44 ----A---- C:\windows\system32\drivers\smb.sys.bak
2014-01-05 16:02:44 ----A---- C:\windows\system32\drivers\sisraid4.sys.bak
2014-01-05 16:02:43 ----A---- C:\windows\system32\drivers\sisraid2.sys.bak
2014-01-05 16:02:43 ----A---- C:\windows\system32\drivers\Sftvollh.sys.bak
2014-01-05 16:02:43 ----A---- C:\windows\system32\drivers\Sftredirlh.sys.bak
2014-01-05 16:02:42 ----A---- C:\windows\system32\drivers\Sftplaylh.sys.bak
2014-01-05 16:02:42 ----A---- C:\windows\system32\drivers\Sftfslh.sys.bak
2014-01-05 16:02:41 ----A---- C:\windows\system32\drivers\sfloppy.sys.bak
2014-01-05 16:02:41 ----A---- C:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-05 16:02:41 ----A---- C:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-05 16:02:41 ----A---- C:\windows\system32\drivers\sffdisk.sys.bak
2014-01-05 16:02:41 ----A---- C:\windows\system32\drivers\sermouse.sys.bak
2014-01-05 16:02:40 ----A---- C:\windows\system32\drivers\serial.sys.bak
2014-01-05 16:02:40 ----A---- C:\windows\system32\drivers\serenum.sys.bak
2014-01-05 16:02:40 ----A---- C:\windows\system32\drivers\secdrv.sys.bak
2014-01-05 16:02:40 ----A---- C:\windows\system32\drivers\scsiport.sys.bak
2014-01-05 16:02:40 ----A---- C:\windows\system32\drivers\scfilter.sys.bak
2014-01-05 16:02:39 ----A---- C:\windows\system32\drivers\sbp2port.sys.bak
2014-01-05 16:02:38 ----A---- C:\windows\system32\drivers\RtsUStor.sys.bak
2014-01-05 16:02:38 ----A---- C:\windows\system32\drivers\RTKVHD64.sys.bak
2014-01-05 16:02:38 ----A---- C:\windows\system32\drivers\rspndr.sys.bak
2014-01-05 16:02:38 ----A---- C:\windows\system32\drivers\rootmdm.sys.bak
2014-01-05 16:02:37 ----A---- C:\windows\system32\drivers\RNDISMP.sys.bak
2014-01-05 16:02:37 ----A---- C:\windows\system32\drivers\rmcast.sys.bak
2014-01-05 16:02:37 ----A---- C:\windows\system32\drivers\rfcomm.sys.bak
2014-01-05 16:02:36 ----A---- C:\windows\system32\drivers\rdyboost.sys.bak
2014-01-05 16:02:36 ----A---- C:\windows\system32\drivers\rdpwd.sys.bak
2014-01-05 16:02:36 ----A---- C:\windows\system32\drivers\RDPREFMP.sys.bak
2014-01-05 16:02:36 ----A---- C:\windows\system32\drivers\RDPENCDD.sys.bak
2014-01-05 16:02:36 ----A---- C:\windows\system32\drivers\RDPCDD.sys.bak
2014-01-05 16:02:35 ----A---- C:\windows\system32\drivers\rdpbus.sys.bak
2014-01-05 16:02:35 ----A---- C:\windows\system32\drivers\rdbss.sys.bak
2014-01-05 16:02:35 ----A---- C:\windows\system32\drivers\rassstp.sys.bak
2014-01-05 16:02:35 ----A---- C:\windows\system32\drivers\raspptp.sys.bak
2014-01-05 16:02:34 ----A---- C:\windows\system32\drivers\raspppoe.sys.bak
2014-01-05 16:02:34 ----A---- C:\windows\system32\drivers\rasl2tp.sys.bak
2014-01-05 16:02:34 ----A---- C:\windows\system32\drivers\rasacd.sys.bak
2014-01-05 16:02:34 ----A---- C:\windows\system32\drivers\qwavedrv.sys.bak
2014-01-05 16:02:33 ----A---- C:\windows\system32\drivers\ql40xx.sys.bak
2014-01-05 16:02:33 ----A---- C:\windows\system32\drivers\ql2300.sys.bak
2014-01-05 16:02:33 ----A---- C:\windows\system32\drivers\processr.sys.bak
2014-01-05 16:02:32 ----A---- C:\windows\system32\drivers\portcls.sys.bak
2014-01-05 16:02:32 ----A---- C:\windows\system32\drivers\PEAuth.sys.bak
2014-01-05 16:02:32 ----A---- C:\windows\system32\drivers\pcw.sys.bak
2014-01-05 16:02:31 ----A---- C:\windows\system32\drivers\pcmcia.sys.bak
2014-01-05 16:02:31 ----A---- C:\windows\system32\drivers\pciidex.sys.bak
2014-01-05 16:02:31 ----A---- C:\windows\system32\drivers\pciide.sys.bak
2014-01-05 16:02:31 ----A---- C:\windows\system32\drivers\pci.sys.bak
2014-01-05 16:02:31 ----A---- C:\windows\system32\drivers\pccsmcfdx64.sys.bak
2014-01-05 16:02:30 ----A---- C:\windows\system32\drivers\partmgr.sys.bak
2014-01-05 16:02:30 ----A---- C:\windows\system32\drivers\parport.sys.bak
2014-01-05 16:02:30 ----A---- C:\windows\system32\drivers\pacer.sys.bak
2014-01-05 16:02:29 ----A---- C:\windows\system32\drivers\ohci1394.sys.bak
2014-01-05 16:02:29 ----A---- C:\windows\system32\drivers\nwifi.sys.bak
2014-01-05 16:02:29 ----A---- C:\windows\system32\drivers\nvstor.sys.bak
2014-01-05 16:02:29 ----A---- C:\windows\system32\drivers\NV_AGP.SYS.bak
2014-01-05 16:02:28 ----A---- C:\windows\system32\drivers\nvraid.sys.bak
2014-01-05 16:02:28 ----A---- C:\windows\system32\drivers\null.sys.bak
2014-01-05 16:02:28 ----A---- C:\windows\system32\drivers\ntfs.sys.bak
2014-01-05 16:02:27 ----A---- C:\windows\system32\drivers\nsiproxy.sys.bak
2014-01-05 16:02:27 ----A---- C:\windows\system32\drivers\npfs.sys.bak
2014-01-05 16:02:27 ----A---- C:\windows\system32\drivers\nmwcdnsux64.sys.bak
2014-01-05 16:02:27 ----A---- C:\windows\system32\drivers\NisDrvWFP.sys.bak
2014-01-05 16:02:25 ----A---- C:\windows\system32\drivers\nfrd960.sys.bak
2014-01-05 16:02:24 ----A---- C:\windows\system32\drivers\netw5v64.sys.bak
2014-01-05 16:02:23 ----A---- C:\windows\system32\drivers\netio.sys.bak
2014-01-05 16:02:23 ----A---- C:\windows\system32\drivers\netbt.sys.bak
2014-01-05 16:02:23 ----A---- C:\windows\system32\drivers\netbios.sys.bak
2014-01-05 16:02:23 ----A---- C:\windows\system32\drivers\ndproxy.sys.bak
2014-01-05 16:02:22 ----A---- C:\windows\system32\drivers\ndiswan.sys.bak
2014-01-05 16:02:22 ----A---- C:\windows\system32\drivers\ndisuio.sys.bak
2014-01-05 16:02:22 ----A---- C:\windows\system32\drivers\ndistapi.sys.bak
2014-01-05 16:02:21 ----A---- C:\windows\system32\drivers\ndiscap.sys.bak
2014-01-05 16:02:21 ----A---- C:\windows\system32\drivers\ndis.sys.bak
2014-01-05 16:02:21 ----A---- C:\windows\system32\drivers\mup.sys.bak
2014-01-05 16:02:21 ----A---- C:\windows\system32\drivers\MTConfig.sys.bak
2014-01-05 16:02:21 ----A---- C:\windows\system32\drivers\mstee.sys.bak
2014-01-05 16:02:20 ----A---- C:\windows\system32\drivers\mssmbios.sys.bak
2014-01-05 16:02:20 ----A---- C:\windows\system32\drivers\msrpc.sys.bak
2014-01-05 16:02:20 ----A---- C:\windows\system32\drivers\mspqm.sys.bak
2014-01-05 16:02:20 ----A---- C:\windows\system32\drivers\mspclock.sys.bak
2014-01-05 16:02:19 ----A---- C:\windows\system32\drivers\mskssrv.sys.bak
2014-01-05 16:02:19 ----A---- C:\windows\system32\drivers\msiscsi.sys.bak
2014-01-05 16:02:19 ----A---- C:\windows\system32\drivers\msisadrv.sys.bak
2014-01-05 16:02:19 ----A---- C:\windows\system32\drivers\mshidkmdf.sys.bak
2014-01-05 16:02:19 ----A---- C:\windows\system32\drivers\msfs.sys.bak
2014-01-05 16:02:18 ----A---- C:\windows\system32\drivers\msdsm.sys.bak
2014-01-05 16:02:18 ----A---- C:\windows\system32\drivers\msahci.sys.bak
2014-01-05 16:02:18 ----A---- C:\windows\system32\drivers\mrxsmb20.sys.bak
2014-01-05 16:02:18 ----A---- C:\windows\system32\drivers\mrxsmb10.sys.bak
2014-01-05 16:02:17 ----A---- C:\windows\system32\drivers\mrxsmb.sys.bak
2014-01-05 16:02:17 ----A---- C:\windows\system32\drivers\mrxdav.sys.bak
2014-01-05 16:02:17 ----A---- C:\windows\system32\drivers\mpsdrv.sys.bak
2014-01-05 16:02:17 ----A---- C:\windows\system32\drivers\mpio.sys.bak
2014-01-05 16:02:16 ----A---- C:\windows\system32\drivers\MpFilter.sys.bak
2014-01-05 16:02:16 ----A---- C:\windows\system32\drivers\mountmgr.sys.bak
2014-01-05 16:02:16 ----A---- C:\windows\system32\drivers\mouhid.sys.bak
2014-01-05 16:02:16 ----A---- C:\windows\system32\drivers\mouclass.sys.bak
2014-01-05 16:02:15 ----A---- C:\windows\system32\drivers\monitor.sys.bak
2014-01-05 16:02:15 ----A---- C:\windows\system32\drivers\modem.sys.bak
2014-01-05 16:02:15 ----A---- C:\windows\system32\drivers\MegaSR.sys.bak
2014-01-05 16:02:14 ----A---- C:\windows\system32\drivers\megasas.sys.bak
2014-01-05 16:02:14 ----A---- C:\windows\system32\drivers\mcd.sys.bak
2014-01-05 16:02:14 ----A---- C:\windows\system32\drivers\luafv.sys.bak
2014-01-05 16:02:14 ----A---- C:\windows\system32\drivers\lsi_scsi.sys.bak
2014-01-05 16:02:14 ----A---- C:\windows\system32\drivers\lsi_sas2.sys.bak
2014-01-05 16:02:13 ----A---- C:\windows\system32\drivers\lsi_sas.sys.bak
2014-01-05 16:02:13 ----A---- C:\windows\system32\drivers\lsi_fc.sys.bak
2014-01-05 16:02:13 ----A---- C:\windows\system32\drivers\lltdio.sys.bak
2014-01-05 16:02:13 ----A---- C:\windows\system32\drivers\LhdX64.sys.bak
2014-01-05 16:02:13 ----A---- C:\windows\system32\drivers\L1C62x64.sys.bak
2014-01-05 16:02:12 ----A---- C:\windows\system32\drivers\ksthunk.sys.bak
2014-01-05 16:02:12 ----A---- C:\windows\system32\drivers\ksecpkg.sys.bak
2014-01-05 16:02:12 ----A---- C:\windows\system32\drivers\ksecdd.sys.bak
2014-01-05 16:02:12 ----A---- C:\windows\system32\drivers\ks.sys.bak
2014-01-05 16:02:11 ----A---- C:\windows\system32\drivers\kbdhid.sys.bak
2014-01-05 16:02:11 ----A---- C:\windows\system32\drivers\kbdclass.sys.bak
2014-01-05 16:02:11 ----A---- C:\windows\system32\drivers\k57nd60a.sys.bak
2014-01-05 16:02:11 ----A---- C:\windows\system32\drivers\isapnp.sys.bak
2014-01-05 16:02:10 ----A---- C:\windows\system32\drivers\irenum.sys.bak
2014-01-05 16:02:10 ----A---- C:\windows\system32\drivers\irda.sys.bak
2014-01-05 16:02:10 ----A---- C:\windows\system32\drivers\ipnat.sys.bak
2014-01-05 16:02:10 ----A---- C:\windows\system32\drivers\IPMIDrv.sys.bak
2014-01-05 16:02:09 ----A---- C:\windows\system32\drivers\ipfltdrv.sys.bak
2014-01-05 16:02:09 ----A---- C:\windows\system32\drivers\intelppm.sys.bak
2014-01-05 16:02:09 ----A---- C:\windows\system32\drivers\intelide.sys.bak
2014-01-05 16:02:08 ----A---- C:\windows\system32\drivers\iirsp.sys.bak
2014-01-05 16:02:07 ----A---- C:\windows\system32\drivers\igdkmd64.sys.bak
2014-01-05 16:02:06 ----A---- C:\windows\system32\drivers\iaStorV.sys.bak
2014-01-05 16:02:06 ----A---- C:\windows\system32\drivers\i8042prt.sys.bak
2014-01-05 16:02:06 ----A---- C:\windows\system32\drivers\hwpolicy.sys.bak
2014-01-05 16:02:05 ----A---- C:\windows\system32\drivers\http.sys.bak
2014-01-05 16:02:05 ----A---- C:\windows\system32\drivers\HpSAMD.sys.bak
2014-01-05 16:02:05 ----A---- C:\windows\system32\drivers\hidusb.sys.bak
2014-01-05 16:02:05 ----A---- C:\windows\system32\drivers\hidparse.sys.bak
2014-01-05 16:02:04 ----A---- C:\windows\system32\drivers\hidir.sys.bak
2014-01-05 16:02:04 ----A---- C:\windows\system32\drivers\hidclass.sys.bak
2014-01-05 16:02:04 ----A---- C:\windows\system32\drivers\hidbth.sys.bak
2014-01-05 16:02:04 ----A---- C:\windows\system32\drivers\hidbatt.sys.bak
2014-01-05 16:02:04 ----A---- C:\windows\system32\drivers\HdAudio.sys.bak
2014-01-05 16:02:03 ----A---- C:\windows\system32\drivers\hdaudbus.sys.bak
2014-01-05 16:02:03 ----A---- C:\windows\system32\drivers\hcw85cir.sys.bak
2014-01-05 16:02:03 ----A---- C:\windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-05 16:02:03 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-05 16:02:02 ----A---- C:\windows\system32\drivers\fvevol.sys.bak
2014-01-05 16:02:02 ----A---- C:\windows\system32\drivers\fsdepends.sys.bak
2014-01-05 16:02:02 ----A---- C:\windows\system32\drivers\fs_rec.sys.bak
2014-01-05 16:02:02 ----A---- C:\windows\system32\drivers\fltMgr.sys.bak
2014-01-05 16:02:01 ----A---- C:\windows\system32\drivers\flpydisk.sys.bak
2014-01-05 16:02:01 ----A---- C:\windows\system32\drivers\filetrace.sys.bak
2014-01-05 16:02:01 ----A---- C:\windows\system32\drivers\fileinfo.sys.bak
2014-01-05 16:02:01 ----A---- C:\windows\system32\drivers\fdc.sys.bak
2014-01-05 16:02:00 ----A---- C:\windows\system32\drivers\fastfat.sys.bak
2014-01-05 16:02:00 ----A---- C:\windows\system32\drivers\exfat.sys.bak
2014-01-05 16:01:59 ----A---- C:\windows\system32\drivers\evbda.sys.bak
2014-01-05 16:01:59 ----A---- C:\windows\system32\drivers\errdev.sys.bak
2014-01-05 16:01:58 ----A---- C:\windows\system32\drivers\elxstor.sys.bak
2014-01-05 16:01:58 ----A---- C:\windows\system32\drivers\dxgmms1.sys.bak
2014-01-05 16:01:57 ----A---- C:\windows\system32\drivers\dxgkrnl.sys.bak
2014-01-05 16:01:57 ----A---- C:\windows\system32\drivers\dxg.sys.bak
2014-01-05 16:01:57 ----A---- C:\windows\system32\drivers\dxapi.sys.bak
2014-01-05 16:01:57 ----A---- C:\windows\system32\drivers\dumpfve.sys.bak
2014-01-05 16:01:57 ----A---- C:\windows\system32\drivers\Dumpata.sys.bak
2014-01-05 16:01:56 ----A---- C:\windows\system32\drivers\drmkaud.sys.bak
2014-01-05 16:01:56 ----A---- C:\windows\system32\drivers\drmk.sys.bak
2014-01-05 16:01:56 ----A---- C:\windows\system32\drivers\Diskdump.sys.bak
2014-01-05 16:01:56 ----A---- C:\windows\system32\drivers\disk.sys.bak
2014-01-05 16:01:56 ----A---- C:\windows\system32\drivers\discache.sys.bak
2014-01-05 16:01:55 ----A---- C:\windows\system32\drivers\dfsc.sys.bak
2014-01-05 16:01:55 ----A---- C:\windows\system32\drivers\crcdisk.sys.bak
2014-01-05 16:01:55 ----A---- C:\windows\system32\drivers\crashdmp.sys.bak
2014-01-05 16:01:55 ----A---- C:\windows\system32\drivers\CompositeBus.sys.bak
2014-01-05 16:01:55 ----A---- C:\windows\system32\drivers\compbatt.sys.bak
2014-01-05 16:01:54 ----A---- C:\windows\system32\drivers\cng.sys.bak
2014-01-05 16:01:54 ----A---- C:\windows\system32\drivers\cmdide.sys.bak
2014-01-05 16:01:54 ----A---- C:\windows\system32\drivers\CmBatt.sys.bak
2014-01-05 16:01:54 ----A---- C:\windows\system32\drivers\Classpnp.sys.bak
2014-01-05 16:01:54 ----A---- C:\windows\system32\drivers\circlass.sys.bak
2014-01-05 16:01:53 ----A---- C:\windows\system32\drivers\cdrom.sys.bak
2014-01-05 16:01:53 ----A---- C:\windows\system32\drivers\cdfs.sys.bak
2014-01-05 16:01:53 ----A---- C:\windows\system32\drivers\ccdcmbx64.sys.bak
2014-01-05 16:01:53 ----A---- C:\windows\system32\drivers\ccdcmbox64.sys.bak
2014-01-05 16:01:52 ----A---- C:\windows\system32\drivers\bxvbda.sys.bak
2014-01-05 16:01:52 ----A---- C:\windows\system32\drivers\btwrchid.sys.bak
2014-01-05 16:01:52 ----A---- C:\windows\system32\drivers\btwl2cap.sys.bak
2014-01-05 16:01:52 ----A---- C:\windows\system32\drivers\btwavdt.sys.bak
2014-01-05 16:01:51 ----A---- C:\windows\system32\drivers\btwaudio.sys.bak
2014-01-05 16:01:51 ----A---- C:\windows\system32\drivers\btusbflt.sys.bak
2014-01-05 16:01:51 ----A---- C:\windows\system32\drivers\BTHUSB.SYS.bak
2014-01-05 16:01:50 ----A---- C:\windows\system32\drivers\bthport.sys.bak
2014-01-05 16:01:50 ----A---- C:\windows\system32\drivers\bthpan.sys.bak
2014-01-05 16:01:50 ----A---- C:\windows\system32\drivers\bthmodem.sys.bak
2014-01-05 16:01:50 ----A---- C:\windows\system32\drivers\bthenum.sys.bak
2014-01-05 16:01:50 ----A---- C:\windows\system32\drivers\BrUsbSer.sys.bak
2014-01-05 16:01:49 ----A---- C:\windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-05 16:01:49 ----A---- C:\windows\system32\drivers\BrSerWdm.sys.bak
2014-01-05 16:01:49 ----A---- C:\windows\system32\drivers\BrSerId.sys.bak
2014-01-05 16:01:49 ----A---- C:\windows\system32\drivers\bridge.sys.bak
2014-01-05 16:01:49 ----A---- C:\windows\system32\drivers\BrFiltUp.sys.bak
2014-01-05 16:01:49 ----A---- C:\windows\system32\drivers\BrFiltLo.sys.bak
2014-01-05 16:01:48 ----A---- C:\windows\system32\drivers\bowser.sys.bak
2014-01-05 16:01:48 ----A---- C:\windows\system32\drivers\blbdrive.sys.bak
2014-01-05 16:01:47 ----A---- C:\windows\system32\drivers\beep.sys.bak
2014-01-05 16:01:47 ----A---- C:\windows\system32\drivers\BCMWL664.SYS.bak
2014-01-05 16:01:46 ----A---- C:\windows\system32\drivers\battc.sys.bak
2014-01-05 16:01:45 ----A---- C:\windows\system32\drivers\b57nd60a.sys.bak
2014-01-05 16:01:44 ----A---- C:\windows\system32\drivers\atipmdag.sys.bak
2014-01-05 16:01:44 ----A---- C:\windows\system32\drivers\AtiPcie.sys.bak
2014-01-05 16:01:43 ----A---- C:\windows\system32\drivers\atikmpag.sys.bak
2014-01-05 16:01:42 ----A---- C:\windows\system32\drivers\atikmdag.sys.bak
2014-01-05 16:01:41 ----A---- C:\windows\system32\drivers\AtiHdmi.sys.bak
2014-01-05 16:01:41 ----A---- C:\windows\system32\drivers\ataport.sys.bak
2014-01-05 16:01:41 ----A---- C:\windows\system32\drivers\atapi.sys.bak
2014-01-05 16:01:41 ----A---- C:\windows\system32\drivers\asyncmac.sys.bak
2014-01-05 16:01:40 ----A---- C:\windows\system32\drivers\arcsas.sys.bak
2014-01-05 16:01:40 ----A---- C:\windows\system32\drivers\arc.sys.bak
2014-01-05 16:01:40 ----A---- C:\windows\system32\drivers\ApsX64.sys.bak
2014-01-05 16:01:40 ----A---- C:\windows\system32\drivers\ApsHM64.sys.bak
2014-01-05 16:01:40 ----A---- C:\windows\system32\drivers\appid.sys.bak
2014-01-05 16:01:39 ----A---- C:\windows\system32\drivers\amdxata.sys.bak
2014-01-05 16:01:39 ----A---- C:\windows\system32\drivers\amdsbs.sys.bak
2014-01-05 16:01:39 ----A---- C:\windows\system32\drivers\amdsata.sys.bak
2014-01-05 16:01:39 ----A---- C:\windows\system32\drivers\amdppm.sys.bak
2014-01-05 16:01:39 ----A---- C:\windows\system32\drivers\amdk8.sys.bak
2014-01-05 16:01:39 ----A---- C:\windows\system32\drivers\amdide.sys.bak
2014-01-05 16:01:38 ----A---- C:\windows\system32\drivers\aliide.sys.bak
2014-01-05 16:01:38 ----A---- C:\windows\system32\drivers\AGP440.sys.bak
2014-01-05 16:01:38 ----A---- C:\windows\system32\drivers\agilevpn.sys.bak
2014-01-05 16:01:38 ----A---- C:\windows\system32\drivers\afd.sys.bak
2014-01-05 16:01:38 ----A---- C:\windows\system32\drivers\adpu320.sys.bak
2014-01-05 16:01:37 ----A---- C:\windows\system32\drivers\adpahci.sys.bak
2014-01-05 16:01:37 ----A---- C:\windows\system32\drivers\adp94xx.sys.bak
2014-01-05 16:01:37 ----A---- C:\windows\system32\drivers\AcpiVpc.sys.bak
2014-01-05 16:01:37 ----A---- C:\windows\system32\drivers\acpipmi.sys.bak
2014-01-05 16:01:37 ----A---- C:\windows\system32\drivers\acpi.sys.bak
2014-01-05 16:01:36 ----A---- C:\windows\system32\drivers\1394ohci.sys.bak
2014-01-05 16:01:36 ----A---- C:\windows\system32\drivers\1394bus.sys.bak
2014-01-04 16:04:21 ----D---- C:\Users\radka\AppData\Roaming\Malwarebytes
2014-01-04 16:03:54 ----D---- C:\ProgramData\Malwarebytes
2014-01-04 14:53:17 ----D---- C:\rsit
2013-12-25 10:56:04 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-25 10:56:01 ----A---- C:\windows\system32\ieui.dll
2013-12-25 10:56:00 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-25 10:56:00 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-25 10:56:00 ----A---- C:\windows\system32\jsproxy.dll
2013-12-25 10:55:59 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-25 10:55:58 ----A---- C:\windows\system32\iesetup.dll
2013-12-25 10:55:58 ----A---- C:\windows\system32\iernonce.dll
2013-12-25 10:55:58 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-25 10:55:57 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-25 10:55:56 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-25 10:55:55 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-25 10:55:55 ----A---- C:\windows\system32\mshtml.dll
2013-12-25 10:55:55 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-25 10:55:54 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-25 10:55:53 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-25 10:55:52 ----A---- C:\windows\system32\iertutil.dll
2013-12-25 10:55:51 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-25 10:55:51 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-25 10:55:50 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-25 10:55:50 ----A---- C:\windows\system32\wininet.dll
2013-12-25 10:55:49 ----A---- C:\windows\system32\urlmon.dll
2013-12-25 10:55:45 ----A---- C:\windows\system32\ieframe.dll
2013-12-25 10:55:43 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-25 10:55:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-25 10:55:41 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-25 10:55:40 ----A---- C:\windows\system32\jscript9.dll
2013-12-24 12:08:34 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-24 11:57:58 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-24 11:57:58 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-24 11:57:48 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-24 11:57:48 ----A---- C:\windows\system32\elshyph.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-24 11:57:47 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-24 11:57:46 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-12-24 11:57:45 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-24 11:57:44 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 11:57:44 ----A---- C:\windows\system32\msls31.dll
2013-12-24 11:57:44 ----A---- C:\windows\system32\jsIntl.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 11:57:43 ----A---- C:\windows\system32\msrating.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\mshtmler.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-24 11:57:43 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\iesysprep.dll
2013-12-24 11:57:43 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-24 11:57:42 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\webcheck.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\url.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\licmgr10.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\icardie.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\dxtrans.dll
2013-12-24 11:57:41 ----A---- C:\windows\system32\dxtmsft.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\wextract.exe
2013-12-24 11:57:40 ----A---- C:\windows\system32\vbscript.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\pngfilt.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\occache.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\mshtmled.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\msfeeds.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\inseng.dll
2013-12-24 11:57:40 ----A---- C:\windows\system32\iexpress.exe
2013-12-24 11:57:39 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-24 11:57:39 ----A---- C:\windows\system32\mshta.exe
2013-12-24 11:57:39 ----A---- C:\windows\system32\jscript.dll
2013-12-24 11:57:39 ----A---- C:\windows\system32\imgutil.dll
2013-12-24 11:57:39 ----A---- C:\windows\system32\iepeers.dll
2013-12-13 16:00:11 ----A---- C:\windows\system32\wmploc.DLL
2013-12-13 16:00:08 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-13 16:00:07 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-13 16:00:02 ----A---- C:\windows\system32\wmp.dll
2013-12-11 08:46:51 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-11 08:46:51 ----A---- C:\windows\system32\msieftp.dll
2013-12-11 08:46:49 ----A---- C:\windows\system32\win32k.sys
2013-12-11 08:46:48 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-11 08:46:48 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-11 08:46:46 ----A---- C:\windows\system32\imagehlp.dll
2013-12-11 08:46:45 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-11 08:46:30 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-11 08:46:30 ----A---- C:\windows\system32\tzres.dll
2013-12-11 08:45:48 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-11 08:45:48 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-11 08:45:46 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-11 08:45:46 ----A---- C:\windows\system32\scrrun.dll
2013-12-11 08:45:46 ----A---- C:\windows\system32\cscript.exe
2013-12-11 08:45:45 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-11 08:45:45 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-11 08:45:45 ----A---- C:\windows\system32\wscript.exe
2013-12-08 16:59:35 ----D---- C:\Program Files (x86)\CCleaner
2013-12-08 16:08:52 ----D---- C:\Users\radka\AppData\Roaming\calibre
2013-12-08 16:04:19 ----D---- C:\Program Files\Calibre2

======List of files/folders modified in the last 1 months======

2014-01-06 10:56:26 ----D---- C:\Program Files\trend micro
2014-01-06 10:55:27 ----D---- C:\windows\Temp
2014-01-06 09:14:23 ----D---- C:\windows\system32\drivers
2014-01-06 09:08:52 ----D---- C:\windows\system32\Tasks
2014-01-05 23:40:42 ----D---- C:\Users\radka\AppData\Roaming\vlc
2014-01-05 22:22:43 ----D---- C:\Users\radka\AppData\Roaming\Skype
2014-01-05 16:21:55 ----D---- C:\Users\radka\AppData\Roaming\Media Player Classic
2014-01-05 16:08:26 ----D---- C:\windows\system32\config
2014-01-05 15:53:05 ----RD---- C:\Program Files (x86)
2014-01-05 15:34:42 ----SHD---- C:\System Volume Information
2014-01-05 15:29:06 ----SHD---- C:\windows\Installer
2014-01-04 16:03:54 ----D---- C:\ProgramData
2014-01-04 15:46:39 ----D---- C:\AdwCleaner
2014-01-04 14:04:23 ----D---- C:\Windows
2014-01-03 19:39:48 ----D---- C:\Radka
2014-01-03 17:18:20 ----D---- C:\windows\System32
2014-01-03 17:18:20 ----D---- C:\windows\inf
2014-01-03 17:18:20 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-01 09:18:10 ----D---- C:\windows\system32\catroot2
2013-12-28 09:58:38 ----D---- C:\windows\Prefetch
2013-12-25 11:07:51 ----D---- C:\windows\winsxs
2013-12-25 11:06:38 ----D---- C:\windows\SysWOW64
2013-12-25 11:06:38 ----D---- C:\Program Files\Internet Explorer
2013-12-25 11:06:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-25 10:57:06 ----D---- C:\windows\system32\catroot
2013-12-24 13:55:46 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-24 13:55:46 ----D---- C:\windows\system32\cs-CZ
2013-12-24 13:55:42 ----D---- C:\windows\SYSWOW64\migration
2013-12-24 13:55:41 ----D---- C:\windows\SYSWOW64\en-US
2013-12-24 13:55:37 ----D---- C:\windows\system32\migration
2013-12-24 13:55:37 ----D---- C:\windows\PolicyDefinitions
2013-12-24 13:55:35 ----D---- C:\windows\system32\en-US
2013-12-24 12:08:34 ----D---- C:\windows\Logs
2013-12-16 23:15:16 ----D---- C:\windows\debug
2013-12-14 22:24:16 ----D---- C:\windows\system32\MRT
2013-12-14 22:07:00 ----A---- C:\windows\system32\MRT.exe
2013-12-13 16:19:19 ----D---- C:\Program Files\Windows Media Player
2013-12-13 16:19:19 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 16:19:15 ----D---- C:\windows\system32\DriverStore
2013-12-13 15:54:21 ----D---- C:\ProgramData\Microsoft Help
2013-12-11 11:07:47 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 10:08:18 ----D---- C:\windows\Tasks
2013-12-08 16:04:19 ----RD---- C:\Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Shockprf;Shockprf; C:\windows\System32\DRIVERS\Apsx64.sys [2009-12-09 135264]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-03-15 564824]
R0 TPDIGIMN;TPDIGIMN; C:\windows\System32\DRIVERS\ApsHM64.sys [2009-12-09 23648]
R1 MpKsl8b27fc53;MpKsl8b27fc53; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DBEB3071-A47B-4870-972C-760DAC2D00CB}\MpKsl8b27fc53.sys [2014-01-05 46768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-18 28176]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-02-02 3058168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-04-20 2350240]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2010-01-26 214912]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-15 79376]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-13 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-13 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-27 80384]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-14 98344]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2010-01-14 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-14 21288]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2012-11-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-13 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-13 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-28 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-01-13 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-04-20 903456]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\windows\System32\TPHDEXLG64.exe [2009-12-09 47712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-16 182768]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 IGRS;IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-11 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-19 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-02 1255736]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check - slowed-down laptop

#15 Post by Márty84 »

One more scan and then we will start deleting.


Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Tick the items (check the boxes) All Users, "LOP" Check and "Purity" Check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Locked