Ahoj, problemy nemam, dneska se mi to znenadani vypnulo.. Ale běží..
Díky za kontrolu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2014-10-30 11:16:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 215 GB (51%) free of 420 GB
Total RAM: 6088 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:16:05, on 30.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Users\Tom\Downloads\Core Temp.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tom.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [QIP2005] C:\Program Files (x86)\QIP\qip.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12152 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 27480368
\??\C:\windows\system32\conhost.exe "-1811428013-2031564297-1360933595-1457721541-1812279070-1191816954823728113-1794540399
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {1F895832-61AB-455E-A117-E01A70B03D11}
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {F3D72692-63BF-46DF-8027-2FB6BD424FF6}
"C:\Users\Tom\Downloads\Core Temp.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
WLIDSvcM.exe 2916
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
taskeng.exe {39A7D21A-E86C-450E-BD5F-6AC7BBB6EB0F}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 6e4940cb-3f6f-4bee-9dca-270d052f5950 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "-1000835295156703233624145886418377467211908081751843793714695230024-2039170733
\??\C:\windows\system32\conhost.exe "-2005596464925624956715036219-1554760832-460112813-13362755712107663992-1151134613
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="828.0.771653002\985833280" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0126 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.2.1013512656\1593469018" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.6.1814556126\941140198" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.7.1072515101\34270413" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.8.1038451780\1954289229" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.9.1848122522\735448060" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.10.1707795986\621920186" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.11.106781887\367197384" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.12.165483273\1718318621" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="828.13.1728031923\1117292743" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.15.823303843\1292846554" /prefetch:673131151
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="828.16.926123543\1472886848" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Users\Tom\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-24 12452456]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-28 2841896]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-05-19 789920]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-05-19 206176]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-05-19 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-05-19 5908928]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-09-17 2799784]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-11-07 442328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"QIP2005"=C:\Program Files (x86)\QIP\qip.exe [2010-10-29 3330560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\windows\inf\ntvdm.vbe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-12 283160]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-05-19 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-11-07 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-30 11:16:02 ----D---- C:\rsit
2014-10-23 17:24:51 ----D---- C:\windows\SYSWOW64\NV
2014-10-23 17:24:51 ----D---- C:\windows\system32\NV
2014-10-23 16:34:31 ----A---- C:\windows\system32\nvvsvc.exe
2014-10-23 16:34:31 ----A---- C:\windows\system32\nvsvcr.dll
2014-10-23 16:34:31 ----A---- C:\windows\system32\nvsvc64.dll
2014-10-23 16:34:31 ----A---- C:\windows\system32\nvshext.dll
2014-10-23 16:34:31 ----A---- C:\windows\system32\nvmctray.dll
2014-10-23 16:34:31 ----A---- C:\windows\system32\nvcpl.dll
2014-10-23 16:34:31 ----A---- C:\windows\system32\nv3dappshextr.dll
2014-10-23 16:34:31 ----A---- C:\windows\system32\nv3dappshext.dll
2014-10-23 16:34:30 ----A---- C:\windows\SYSWOW64\oemdspif.dll
2014-10-23 16:34:12 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2014-10-23 16:34:12 ----A---- C:\windows\system32\OpenCL.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvumdshim.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvinit.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvd3dum.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2014-10-23 16:32:44 ----A---- C:\windows\SYSWOW64\nvapi.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvwgf2umx.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvumdshimx.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvopencl.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvoglv64.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvoglshim64.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvinitx.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\NvIFR64.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\NvFBC64.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvdispgenco6434448.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvdispco6434448.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvd3dumx.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvcuvid.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvcuda.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvcompiler.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\nvapi64.dll
2014-10-23 16:32:44 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2014-10-23 16:32:44 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2014-10-16 12:57:55 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 07:18:02 ----A---- C:\windows\system32\win32k.sys
2014-10-15 07:18:01 ----A---- C:\windows\SYSWOW64\mscorier.dll
2014-10-15 07:18:01 ----A---- C:\windows\system32\mscorier.dll
2014-10-15 07:18:00 ----A---- C:\windows\SYSWOW64\mscories.dll
2014-10-15 07:18:00 ----A---- C:\windows\SYSWOW64\dfshim.dll
2014-10-15 07:18:00 ----A---- C:\windows\system32\mscories.dll
2014-10-15 07:18:00 ----A---- C:\windows\system32\dfshim.dll
2014-10-15 07:17:52 ----A---- C:\windows\SYSWOW64\blackbox.dll
2014-10-15 07:17:52 ----A---- C:\windows\system32\blackbox.dll
2014-10-15 07:17:51 ----A---- C:\windows\SYSWOW64\drmv2clt.dll
2014-10-15 07:17:51 ----A---- C:\windows\system32\drmv2clt.dll
2014-10-15 07:17:49 ----A---- C:\windows\system32\wmp.dll
2014-10-15 07:17:48 ----A---- C:\windows\system32\wmdrmsdk.dll
2014-10-15 07:17:48 ----A---- C:\windows\system32\mf.dll
2014-10-15 07:17:47 ----A---- C:\windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 07:17:47 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-10-15 07:17:46 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-10-15 07:17:44 ----A---- C:\windows\SYSWOW64\mf.dll
2014-10-15 07:17:44 ----A---- C:\windows\SYSWOW64\drmmgrtn.dll
2014-10-15 07:17:44 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 07:17:44 ----A---- C:\windows\system32\drmmgrtn.dll
2014-10-15 07:17:44 ----A---- C:\windows\system32\drivers\PEAuth.sys
2014-10-15 07:17:44 ----A---- C:\windows\system32\ci.dll
2014-10-15 07:17:43 ----A---- C:\windows\system32\winload.exe
2014-10-15 07:17:43 ----A---- C:\windows\system32\quartz.dll
2014-10-15 07:17:43 ----A---- C:\windows\system32\AudioEng.dll
2014-10-15 07:17:42 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 07:17:42 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-10-15 07:17:42 ----A---- C:\windows\system32\wintrust.dll
2014-10-15 07:17:42 ----A---- C:\windows\system32\winresume.exe
2014-10-15 07:17:42 ----A---- C:\windows\system32\ntoskrnl.exe
2014-10-15 07:17:42 ----A---- C:\windows\system32\evr.dll
2014-10-15 07:17:42 ----A---- C:\windows\system32\cryptsvc.dll
2014-10-15 07:17:41 ----A---- C:\windows\system32\EncDump.dll
2014-10-15 07:17:41 ----A---- C:\windows\system32\crypt32.dll
2014-10-15 07:17:40 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-10-15 07:17:40 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-10-15 07:17:40 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-10-15 07:17:40 ----A---- C:\windows\SYSWOW64\evr.dll
2014-10-15 07:17:40 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-10-15 07:17:40 ----A---- C:\windows\system32\mfplat.dll
2014-10-15 07:17:40 ----A---- C:\windows\system32\cryptui.dll
2014-10-15 07:17:40 ----A---- C:\windows\system32\audiosrv.dll
2014-10-15 07:17:40 ----A---- C:\windows\system32\AudioSes.dll
2014-10-15 07:17:39 ----A---- C:\windows\SYSWOW64\mfplat.dll
2014-10-15 07:17:39 ----A---- C:\windows\SYSWOW64\cryptui.dll
2014-10-15 07:17:39 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-10-15 07:17:39 ----A---- C:\windows\system32\srcore.dll
2014-10-15 07:17:39 ----A---- C:\windows\system32\pcasvc.dll
2014-10-15 07:17:38 ----A---- C:\windows\SYSWOW64\msscp.dll
2014-10-15 07:17:38 ----A---- C:\windows\SYSWOW64\cryptsp.dll
2014-10-15 07:17:38 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-10-15 07:17:38 ----A---- C:\windows\system32\rstrui.exe
2014-10-15 07:17:38 ----A---- C:\windows\system32\msscp.dll
2014-10-15 07:17:38 ----A---- C:\windows\system32\msnetobj.dll
2014-10-15 07:17:38 ----A---- C:\windows\system32\cryptsp.dll
2014-10-15 07:17:38 ----A---- C:\windows\system32\audiodg.exe
2014-10-15 07:17:38 ----A---- C:\windows\system32\appidsvc.dll
2014-10-15 07:17:38 ----A---- C:\windows\system32\appidapi.dll
2014-10-15 07:17:37 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2014-10-15 07:17:37 ----A---- C:\windows\SYSWOW64\msnetobj.dll
2014-10-15 07:17:37 ----A---- C:\windows\SYSWOW64\mfps.dll
2014-10-15 07:17:37 ----A---- C:\windows\SYSWOW64\appidapi.dll
2014-10-15 07:17:37 ----A---- C:\windows\system32\rrinstaller.exe
2014-10-15 07:17:37 ----A---- C:\windows\system32\mfps.dll
2014-10-15 07:17:37 ----A---- C:\windows\system32\mfpmp.exe
2014-10-15 07:17:37 ----A---- C:\windows\system32\drivers\appid.sys
2014-10-15 07:17:37 ----A---- C:\windows\system32\appidpolicyconverter.exe
2014-10-15 07:17:36 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-10-15 07:17:36 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-10-15 07:17:36 ----A---- C:\windows\SYSWOW64\spwmp.dll
2014-10-15 07:17:36 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2014-10-15 07:17:36 ----A---- C:\windows\SYSWOW64\mferror.dll
2014-10-15 07:17:36 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2014-10-15 07:17:36 ----A---- C:\windows\system32\wmploc.DLL
2014-10-15 07:17:36 ----A---- C:\windows\system32\srclient.dll
2014-10-15 07:17:36 ----A---- C:\windows\system32\spwmp.dll
2014-10-15 07:17:36 ----A---- C:\windows\system32\setbcdlocale.dll
2014-10-15 07:17:36 ----A---- C:\windows\system32\mferror.dll
2014-10-15 07:17:36 ----A---- C:\windows\system32\dxmasf.dll
2014-10-15 07:17:36 ----A---- C:\windows\system32\appidcertstorecheck.exe
2014-10-15 07:17:29 ----A---- C:\windows\system32\generaltel.dll
2014-10-15 07:17:29 ----A---- C:\windows\system32\aepdu.dll
2014-10-15 07:17:28 ----A---- C:\windows\system32\aeinv.dll
2014-10-15 07:17:27 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-10-15 07:17:27 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-10-15 07:17:27 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 07:17:26 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-10-15 07:17:26 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-10-15 07:17:26 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-10-15 07:17:26 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:17:26 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-10-15 07:17:26 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-10-15 07:17:26 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:17:26 ----A---- C:\windows\system32\iernonce.dll
2014-10-15 07:17:26 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-15 07:17:26 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-15 07:17:25 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-10-15 07:17:24 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-10-15 07:17:24 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-15 07:17:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-10-15 07:17:23 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-10-15 07:17:23 ----A---- C:\windows\system32\urlmon.dll
2014-10-15 07:17:23 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-15 07:17:22 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-10-15 07:17:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-10-15 07:17:22 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-10-15 07:17:22 ----A---- C:\windows\system32\msfeeds.dll
2014-10-15 07:17:22 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-15 07:17:22 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-15 07:17:21 ----A---- C:\windows\system32\iesetup.dll
2014-10-15 07:17:20 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-10-15 07:17:20 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 07:17:20 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-10-15 07:17:20 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-10-15 07:17:20 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-10-15 07:17:20 ----A---- C:\windows\system32\iertutil.dll
2014-10-15 07:17:19 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-10-15 07:17:19 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-10-15 07:17:19 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-10-15 07:17:19 ----A---- C:\windows\system32\jsproxy.dll
2014-10-15 07:17:18 ----A---- C:\windows\system32\ieui.dll
2014-10-15 07:17:18 ----A---- C:\windows\system32\ieframe.dll
2014-10-15 07:17:18 ----A---- C:\windows\system32\dxtrans.dll
2014-10-15 07:17:17 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-15 07:17:17 ----A---- C:\windows\system32\mshtmled.dll
2014-10-15 07:17:17 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-15 07:17:17 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-15 07:17:16 ----A---- C:\windows\system32\wininet.dll
2014-10-15 07:17:16 ----A---- C:\windows\system32\vbscript.dll
2014-10-15 07:17:16 ----A---- C:\windows\system32\jscript9.dll
2014-10-15 07:17:16 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-15 07:17:15 ----A---- C:\windows\system32\msrating.dll
2014-10-15 07:17:15 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-15 07:17:14 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:17:14 ----A---- C:\windows\system32\mshtml.dll
2014-10-15 07:15:54 ----A---- C:\windows\system32\msi.dll
2014-10-15 07:15:53 ----A---- C:\windows\SYSWOW64\msi.dll
2014-10-15 07:15:44 ----A---- C:\windows\system32\rdpcorets.dll
2014-10-15 07:15:40 ----A---- C:\windows\system32\rastls.dll
2014-10-15 07:15:39 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-10-15 07:15:35 ----A---- C:\windows\system32\winsta.dll
2014-10-15 07:15:35 ----A---- C:\windows\system32\termsrv.dll
2014-10-15 07:15:34 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-10-15 07:15:34 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-10-15 07:15:34 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-10-15 07:15:34 ----A---- C:\windows\system32\winlogon.exe
2014-10-15 07:15:34 ----A---- C:\windows\system32\TSpkg.dll
2014-10-15 07:15:34 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-10-15 07:15:34 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-10-15 07:15:34 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-10-15 07:15:34 ----A---- C:\windows\system32\credssp.dll
2014-10-15 07:15:26 ----A---- C:\windows\system32\mstscax.dll
2014-10-15 07:15:25 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-10-15 07:15:24 ----A---- C:\windows\SYSWOW64\packager.dll
2014-10-15 07:15:24 ----A---- C:\windows\system32\packager.dll
2014-10-01 10:32:11 ----A---- C:\windows\system32\qdvd.dll
2014-10-01 10:32:10 ----A---- C:\windows\SYSWOW64\qdvd.dll
======List of files/folders modified in the last 1 month======
2014-10-30 11:16:05 ----D---- C:\windows\Temp
2014-10-30 11:16:05 ----D---- C:\windows\Prefetch
2014-10-30 11:16:03 ----D---- C:\Program Files\trend micro
2014-10-30 11:13:30 ----A---- C:\windows\SYSWOW64\log.txt
2014-10-30 11:11:26 ----D---- C:\windows\system32\config
2014-10-30 11:11:18 ----D---- C:\ProgramData\VeriFace
2014-10-30 11:05:23 ----SHD---- C:\System Volume Information
2014-10-30 11:04:52 ----SHD---- C:\windows\Installer
2014-10-30 09:14:50 ----D---- C:\windows\System32
2014-10-30 09:14:50 ----D---- C:\windows\inf
2014-10-30 09:14:50 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-10-29 09:56:07 ----D---- C:\windows\system32\NDF
2014-10-27 19:57:23 ----D---- C:\Users\Tom\AppData\Roaming\vlc
2014-10-25 10:39:53 ----D---- C:\Users\Tom\AppData\Roaming\Audacity
2014-10-23 17:24:51 ----D---- C:\windows\SysWOW64
2014-10-23 17:24:49 ----D---- C:\ProgramData\NVIDIA
2014-10-23 16:34:47 ----D---- C:\windows\system32\DriverStore
2014-10-23 16:34:30 ----D---- C:\windows\Help
2014-10-23 16:34:30 ----D---- C:\Program Files\NVIDIA Corporation
2014-10-23 16:34:06 ----D---- C:\ProgramData\NVIDIA Corporation
2014-10-23 16:34:00 ----D---- C:\windows\system32\drivers
2014-10-23 16:33:56 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-23 16:33:53 ----D---- C:\windows\system32\catroot2
2014-10-20 15:43:07 ----D---- C:\windows\winsxs
2014-10-20 15:33:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-20 15:24:37 ----D---- C:\Program Files\CCleaner
2014-10-20 13:05:32 ----RD---- C:\Program Files (x86)
2014-10-20 13:05:28 ----D---- C:\windows\Tasks
2014-10-19 10:42:15 ----D---- C:\windows\Microsoft.NET
2014-10-16 12:57:58 ----RSD---- C:\windows\assembly
2014-10-16 10:10:51 ----D---- C:\windows\rescache
2014-10-15 21:44:27 ----D---- C:\windows\SYSWOW64\Dism
2014-10-15 21:44:27 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-10-15 21:44:27 ----D---- C:\windows\system32\Dism
2014-10-15 21:44:27 ----D---- C:\Program Files\Windows Media Player
2014-10-15 21:44:27 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 21:44:26 ----SD---- C:\windows\system32\CompatTel
2014-10-15 21:44:26 ----D---- C:\windows\SYSWOW64\en-US
2014-10-15 21:44:26 ----D---- C:\windows\system32\en-US
2014-10-15 21:44:26 ----D---- C:\windows\system32\cs-CZ
2014-10-15 21:44:26 ----D---- C:\windows\system32\CodeIntegrity
2014-10-15 21:44:26 ----D---- C:\windows\system32\Boot
2014-10-15 21:44:26 ----D---- C:\Program Files\Internet Explorer
2014-10-15 21:44:25 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 19:48:58 ----D---- C:\windows\system32\MRT
2014-10-15 19:42:14 ----A---- C:\windows\system32\MRT.exe
2014-10-15 07:11:42 ----D---- C:\windows\system32\catroot
2014-10-02 14:53:02 ----N---- C:\windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2012-05-19 57952]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2012-08-30 132704]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-05-19 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-10-16 30408]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2012-05-19 13408]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2012-05-19 29792]
R3 ALSysIO;ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-09-29 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2011-05-13 437288]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2011-05-13 150568]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2011-05-13 164392]
R3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2011-05-13 89640]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-05-13 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2011-05-13 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 DelayMan;ACPI DelayMan Filter Service; C:\windows\system32\DRIVERS\delayman.sys [2012-05-19 20064]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-02-24 4756200]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 LgBttPort;LGE Bluetooth TransPort; C:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-10-28 398896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wdkmd;Intel WiDi KMD; C:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
S3 AF15BDA;AF9015 BDA Device; C:\windows\system32\DRIVERS\AF15BDA.sys [2014-05-19 507392]
S3 Andbus;LGE Android Platform Composite USB Device; C:\windows\system32\DRIVERS\lgandbus64.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\windows\system32\DRIVERS\lganddiag64.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\windows\system32\DRIVERS\lgandgps64.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\windows\system32\DRIVERS\lgandmodem64.sys []
S3 andnetadb;ADB Interface DriverNet; C:\windows\System32\Drivers\lgandnetadb.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2013-04-18 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2011-05-12 970016]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1148744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-10-16 933064]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2014-04-17 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-29 115608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-10-21 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-29 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka
Zdravim 
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/,
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/,
- ukoncete vsechny programy,
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem),
- kliknete na Scan, pote na Clean,
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Preventivka
Děkuji
# AdwCleaner v3.311 - Report created 30/10/2014 at 18:04:38
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tom - TOMES-PC
# Running from : C:\Users\Tom\Desktop\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v20.0.1 (cs)
[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\m9m09avg.default-1355659429358\prefs.js ]
[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default\prefs.js ]
-\\ Google Chrome v38.0.2125.111
[ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R1].txt - [1170 octets] - [30/10/2014 18:03:22]
AdwCleaner[S1].txt - [1095 octets] - [30/10/2014 18:04:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1155 octets] ##########
# AdwCleaner v3.311 - Report created 30/10/2014 at 18:04:38
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tom - TOMES-PC
# Running from : C:\Users\Tom\Desktop\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v20.0.1 (cs)
[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\m9m09avg.default-1355659429358\prefs.js ]
[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default\prefs.js ]
-\\ Google Chrome v38.0.2125.111
[ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R1].txt - [1170 octets] - [30/10/2014 18:03:22]
AdwCleaner[S1].txt - [1095 octets] - [30/10/2014 18:04:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1155 octets] ##########
Re: Preventivka
Dejte log FRST, prilozte i Addition.txt http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Preventivka
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014
Ran by Tom (administrator) on TOMES-PC on 30-10-2014 19:29:00
Running from C:\Users\Tom\Desktop
Loaded Profile: Tom (Available profiles: Tom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Users\Tom\Downloads\Core Temp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-05-19] (Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-19] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-05-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-05-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-19] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\Run: [QIP2005] => C:\Program Files (x86)\QIP\qip.exe [3330560 2010-10-29] (The Author of QIP)
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {8609fcba-f0df-11e1-9295-c01885f051f1} - G:\autorun.exe
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {86af0d3d-07de-11e3-ab6e-c01885f051f1} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {e43abdfa-ad06-11e2-9267-c01885f051f1} - H:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: 192.168.2.2:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... lz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-08-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/", "hxxp://google.cz/"
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-29]
CHR Extension: (Převod měn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2014-08-29]
CHR Extension: (Peněženka Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2014-04-17] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) [File not signed]
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.)
R3 DelayMan; C:\Windows\System32\DRIVERS\delayman.sys [20064 2012-05-19] (Ensurebit Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R1 winioex; C:\Windows\System32\drivers\winioex.sys [15456 2012-05-19] (Ensurebit Inc.)
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-30 19:29 - 2014-10-30 19:29 - 00018140 _____ () C:\Users\Tom\Desktop\FRST.txt
2014-10-30 19:28 - 2014-10-30 19:29 - 00000000 ____D () C:\FRST
2014-10-30 19:23 - 2014-10-30 19:24 - 00112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2014-10-30 19:23 - 2014-10-30 19:23 - 02113536 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2014-10-30 18:05 - 2014-10-30 18:05 - 00000314 _____ () C:\windows\PFRO.log
2014-10-30 18:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-10-30 18:02 - 2014-10-30 18:04 - 00000000 ____D () C:\AdwCleaner
2014-10-30 18:01 - 2014-10-30 18:01 - 01375089 _____ () C:\Users\Tom\Desktop\adwcleaner_3.311.exe
2014-10-30 11:16 - 2014-10-30 11:16 - 00000000 ____D () C:\rsit
2014-10-29 14:53 - 2014-10-29 14:53 - 00000000 ____D () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_video
2014-10-29 14:53 - 2014-10-29 14:53 - 00000000 ____D () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_II
2014-10-29 14:53 - 2014-10-29 14:53 - 00000000 ____D () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_I
2014-10-29 14:40 - 2014-10-29 14:47 - 89643911 _____ () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_I.7z
2014-10-29 14:40 - 2014-10-29 14:46 - 100578699 _____ () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_II.7z
2014-10-29 14:40 - 2014-10-29 14:44 - 76594182 _____ () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_video.7z
2014-10-26 14:37 - 2014-10-26 14:37 - 01553408 _____ () C:\Users\Tom\Downloads\Celebrity v mládí.pps
2014-10-25 12:04 - 2014-10-25 12:04 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-10-24 19:37 - 2014-10-24 20:12 - 00000000 ____D () C:\Users\Tom\Desktop\pariž2014
2014-10-23 17:24 - 2014-10-23 17:24 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-10-23 17:24 - 2014-10-23 17:24 - 00000000 ____D () C:\windows\system32\NV
2014-10-23 16:34 - 2014-10-16 17:54 - 00072904 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2014-10-23 16:34 - 2014-10-16 17:54 - 00060560 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 06883136 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 03533632 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 02559808 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 01089736 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00933064 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-10-23 16:34 - 2014-10-16 15:11 - 00623936 _____ (NVIDIA Corporation) C:\windows\SysWOW64\oemdspif.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00384200 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00067072 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00061640 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-10-23 16:34 - 2014-10-15 01:48 - 04047877 _____ () C:\windows\system32\nvcoproc.bin
2014-10-23 16:32 - 2014-10-16 17:54 - 31890064 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 24555840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 20968040 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 20922696 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 19966856 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 18499648 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 17260864 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 16886168 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 14029400 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 13942368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 13190288 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-10-23 16:32 - 2014-10-16 17:54 - 11395672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 11333848 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 04289856 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 04009672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 03237528 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 02849224 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434448.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434448.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00987008 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00962376 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00931984 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00921928 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00895176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00870112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00352016 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00303600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00174856 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00156840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00030408 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-10-23 16:32 - 2014-10-16 17:54 - 00027024 _____ () C:\windows\system32\nvinfo.pb
2014-10-20 17:03 - 2014-10-20 17:03 - 00086648 _____ () C:\Users\Tom\Downloads\LFS-0.6B-Unlocker-&-IP-Patch.rar
2014-10-20 15:20 - 2014-10-20 15:21 - 04965896 _____ (Piriform Ltd) C:\Users\Tom\Downloads\ccsetup418.exe
2014-10-16 12:57 - 2014-10-16 12:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 07:18 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 07:18 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 07:17 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 07:17 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 07:17 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 07:17 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 07:17 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 07:17 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 07:17 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 07:17 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 07:17 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 07:17 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 07:17 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 07:17 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 07:17 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 07:17 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 07:17 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 07:17 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 07:17 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 07:17 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 07:17 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 07:17 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 07:17 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 07:17 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 07:17 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 07:17 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 07:17 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 07:17 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 07:17 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 07:17 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 07:17 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 07:17 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:17 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 07:17 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 07:17 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:17 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 07:17 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 07:17 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 07:17 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:17 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 07:17 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:17 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 07:17 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 07:17 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 07:17 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 07:17 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 07:17 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 07:17 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 07:17 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 07:17 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 07:17 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 07:17 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:17 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 07:17 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 07:17 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 07:17 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:17 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 07:17 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 07:17 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 07:17 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 07:17 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 07:17 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-15 07:17 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-15 07:17 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-15 07:17 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-15 07:17 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-15 07:17 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-15 07:17 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-15 07:17 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-15 07:17 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-15 07:17 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-15 07:17 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-15 07:17 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-15 07:17 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-15 07:17 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-15 07:17 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-15 07:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-15 07:17 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-15 07:17 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-15 07:17 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-15 07:17 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-15 07:17 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-15 07:17 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-15 07:17 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-15 07:17 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-15 07:17 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-15 07:17 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-15 07:17 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-15 07:17 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:17 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:17 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-15 07:17 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-15 07:17 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-15 07:17 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-15 07:17 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-15 07:17 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-15 07:15 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 07:15 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 07:15 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 07:15 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 07:15 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 07:15 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 07:15 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 07:15 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 07:15 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 07:15 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 07:15 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 07:15 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 07:15 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 07:15 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 07:15 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-13 18:40 - 2014-10-13 18:40 - 01222144 _____ () C:\Users\Tom\Downloads\RSITx64.exe
2014-10-06 13:57 - 2014-10-06 13:57 - 00000546 _____ () C:\Users\Tom\Desktop\LFS – zástupce.lnk
2014-10-01 10:32 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-01 10:32 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-30 14:36 - 2014-10-20 15:30 - 00000000 ____D () C:\Users\Tom\AppData\Local\Ubisoft Game Launcher
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-30 19:10 - 2013-10-12 14:19 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 18:13 - 2012-05-19 11:33 - 01465832 _____ () C:\windows\WindowsUpdate.log
2014-10-30 18:13 - 2009-07-14 05:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-30 18:13 - 2009-07-14 05:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-30 18:06 - 2014-08-02 13:51 - 00034157 _____ () C:\windows\setupact.log
2014-10-30 18:06 - 2012-05-19 12:36 - 00149816 _____ () C:\windows\system32\fastboot.set
2014-10-30 18:06 - 2012-05-19 12:29 - 00000000 ____D () C:\ProgramData\VeriFace
2014-10-30 18:05 - 2013-10-12 14:19 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 18:05 - 2012-08-28 08:10 - 03732794 _____ () C:\FaceProv.log
2014-10-30 18:05 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-30 12:09 - 2013-03-24 15:38 - 00000000 ____D () C:\Users\Tom\Desktop\Složky z plochy
2014-10-30 11:16 - 2013-08-30 22:13 - 00000000 ____D () C:\Program Files\trend micro
2014-10-30 09:14 - 2012-05-19 03:13 - 00669070 _____ () C:\windows\system32\perfh005.dat
2014-10-30 09:14 - 2012-05-19 03:13 - 00141696 _____ () C:\windows\system32\perfc005.dat
2014-10-30 09:14 - 2009-07-14 06:13 - 01584368 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-29 10:11 - 2012-05-19 12:36 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-29 09:58 - 2013-09-06 19:47 - 00000000 ____D () C:\Users\Tom\Desktop\LG-P970
2014-10-29 09:56 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-27 19:57 - 2012-09-17 20:01 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\vlc
2014-10-25 10:39 - 2013-01-25 16:32 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Audacity
2014-10-25 09:19 - 2013-09-19 20:24 - 00001221 _____ () C:\Users\Tom\Downloads\CoreTemp.ini
2014-10-23 17:24 - 2012-05-19 11:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 16:34 - 2012-05-19 11:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-23 16:34 - 2012-05-19 11:46 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-23 16:34 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Help
2014-10-23 16:33 - 2012-05-19 11:46 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-20 15:33 - 2012-05-19 11:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-20 15:24 - 2012-09-07 08:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-20 13:05 - 2012-05-19 12:35 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 13:05 - 2012-05-19 12:35 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 10:10 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-15 21:46 - 2009-07-14 05:45 - 00380064 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-15 21:44 - 2014-04-30 06:36 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-15 21:44 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-15 21:44 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 19:48 - 2013-07-20 23:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 19:42 - 2012-08-29 10:51 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-13 14:15 - 2014-07-04 18:28 - 00000278 _____ () C:\Users\Tom\Desktop\firethigt.txt
2014-10-11 09:55 - 2012-08-29 11:40 - 00000000 ____D () C:\Users\Tom\Documents\Youcam
2014-10-04 22:01 - 2014-05-30 19:39 - 00000000 ____D () C:\Users\Tom\Desktop\kdo přežije
2014-10-02 14:53 - 2010-11-21 04:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tom\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tom\Desktop" je 76005 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
C:\windows\inf\ntvdm.vbe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Tom (administrator) on TOMES-PC on 30-10-2014 19:29:00
Running from C:\Users\Tom\Desktop
Loaded Profile: Tom (Available profiles: Tom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Users\Tom\Downloads\Core Temp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-05-19] (Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-19] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-05-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-05-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-19] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\Run: [QIP2005] => C:\Program Files (x86)\QIP\qip.exe [3330560 2010-10-29] (The Author of QIP)
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {8609fcba-f0df-11e1-9295-c01885f051f1} - G:\autorun.exe
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {86af0d3d-07de-11e3-ab6e-c01885f051f1} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {e43abdfa-ad06-11e2-9267-c01885f051f1} - H:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: 192.168.2.2:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=i ... lz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\x4w1knen.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-08-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/", "hxxp://google.cz/"
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-29]
CHR Extension: (Převod měn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2014-08-29]
CHR Extension: (Peněženka Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2014-04-17] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) [File not signed]
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.)
R3 DelayMan; C:\Windows\System32\DRIVERS\delayman.sys [20064 2012-05-19] (Ensurebit Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R1 winioex; C:\Windows\System32\drivers\winioex.sys [15456 2012-05-19] (Ensurebit Inc.)
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-30 19:29 - 2014-10-30 19:29 - 00018140 _____ () C:\Users\Tom\Desktop\FRST.txt
2014-10-30 19:28 - 2014-10-30 19:29 - 00000000 ____D () C:\FRST
2014-10-30 19:23 - 2014-10-30 19:24 - 00112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2014-10-30 19:23 - 2014-10-30 19:23 - 02113536 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2014-10-30 18:05 - 2014-10-30 18:05 - 00000314 _____ () C:\windows\PFRO.log
2014-10-30 18:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-10-30 18:02 - 2014-10-30 18:04 - 00000000 ____D () C:\AdwCleaner
2014-10-30 18:01 - 2014-10-30 18:01 - 01375089 _____ () C:\Users\Tom\Desktop\adwcleaner_3.311.exe
2014-10-30 11:16 - 2014-10-30 11:16 - 00000000 ____D () C:\rsit
2014-10-29 14:53 - 2014-10-29 14:53 - 00000000 ____D () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_video
2014-10-29 14:53 - 2014-10-29 14:53 - 00000000 ____D () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_II
2014-10-29 14:53 - 2014-10-29 14:53 - 00000000 ____D () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_I
2014-10-29 14:40 - 2014-10-29 14:47 - 89643911 _____ () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_I.7z
2014-10-29 14:40 - 2014-10-29 14:46 - 100578699 _____ () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_II.7z
2014-10-29 14:40 - 2014-10-29 14:44 - 76594182 _____ () C:\Users\Tom\Downloads\Rokytnice_O_H_rijen_2014_video.7z
2014-10-26 14:37 - 2014-10-26 14:37 - 01553408 _____ () C:\Users\Tom\Downloads\Celebrity v mládí.pps
2014-10-25 12:04 - 2014-10-25 12:04 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-10-24 19:37 - 2014-10-24 20:12 - 00000000 ____D () C:\Users\Tom\Desktop\pariž2014
2014-10-23 17:24 - 2014-10-23 17:24 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-10-23 17:24 - 2014-10-23 17:24 - 00000000 ____D () C:\windows\system32\NV
2014-10-23 16:34 - 2014-10-16 17:54 - 00072904 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2014-10-23 16:34 - 2014-10-16 17:54 - 00060560 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 06883136 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 03533632 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 02559808 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 01089736 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00933064 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-10-23 16:34 - 2014-10-16 15:11 - 00623936 _____ (NVIDIA Corporation) C:\windows\SysWOW64\oemdspif.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00384200 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00067072 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-10-23 16:34 - 2014-10-16 15:11 - 00061640 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-10-23 16:34 - 2014-10-15 01:48 - 04047877 _____ () C:\windows\system32\nvcoproc.bin
2014-10-23 16:32 - 2014-10-16 17:54 - 31890064 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 24555840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 20968040 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 20922696 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 19966856 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 18499648 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 17260864 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 16886168 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 14029400 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 13942368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 13190288 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-10-23 16:32 - 2014-10-16 17:54 - 11395672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 11333848 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 04289856 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 04009672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 03237528 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 02849224 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434448.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434448.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00987008 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00962376 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00931984 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00921928 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00895176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00870112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00352016 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00303600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00174856 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00156840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-10-23 16:32 - 2014-10-16 17:54 - 00030408 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-10-23 16:32 - 2014-10-16 17:54 - 00027024 _____ () C:\windows\system32\nvinfo.pb
2014-10-20 17:03 - 2014-10-20 17:03 - 00086648 _____ () C:\Users\Tom\Downloads\LFS-0.6B-Unlocker-&-IP-Patch.rar
2014-10-20 15:20 - 2014-10-20 15:21 - 04965896 _____ (Piriform Ltd) C:\Users\Tom\Downloads\ccsetup418.exe
2014-10-16 12:57 - 2014-10-16 12:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 07:18 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-15 07:18 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-15 07:18 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-15 07:17 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-15 07:17 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-15 07:17 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-15 07:17 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-15 07:17 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-15 07:17 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-15 07:17 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-15 07:17 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-15 07:17 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-15 07:17 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-15 07:17 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-15 07:17 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-15 07:17 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-15 07:17 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-15 07:17 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-15 07:17 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-15 07:17 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-15 07:17 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-15 07:17 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-15 07:17 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-15 07:17 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-15 07:17 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-15 07:17 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-15 07:17 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-15 07:17 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-15 07:17 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-15 07:17 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-15 07:17 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-15 07:17 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-15 07:17 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:17 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-15 07:17 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-15 07:17 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:17 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-15 07:17 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-15 07:17 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-15 07:17 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:17 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-15 07:17 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:17 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-15 07:17 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-15 07:17 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-15 07:17 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-15 07:17 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-15 07:17 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-15 07:17 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-15 07:17 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-15 07:17 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-15 07:17 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-15 07:17 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:17 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-15 07:17 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-15 07:17 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-15 07:17 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:17 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-15 07:17 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-15 07:17 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-15 07:17 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-15 07:17 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-15 07:17 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-15 07:17 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-10-15 07:17 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-10-15 07:17 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-15 07:17 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2014-10-15 07:17 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2014-10-15 07:17 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-15 07:17 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-15 07:17 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-15 07:17 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-15 07:17 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2014-10-15 07:17 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-10-15 07:17 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-15 07:17 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-15 07:17 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-15 07:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-15 07:17 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-15 07:17 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-15 07:17 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-15 07:17 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-15 07:17 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-15 07:17 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-15 07:17 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-15 07:17 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-15 07:17 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-15 07:17 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2014-10-15 07:17 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2014-10-15 07:17 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2014-10-15 07:17 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-10-15 07:17 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:17 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:17 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-10-15 07:17 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-10-15 07:17 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-10-15 07:17 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-15 07:17 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-15 07:17 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-15 07:15 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-15 07:15 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-15 07:15 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-15 07:15 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 07:15 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-15 07:15 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-15 07:15 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 07:15 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 07:15 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-15 07:15 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-15 07:15 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-15 07:15 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-15 07:15 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-15 07:15 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-15 07:15 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-15 07:15 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-13 18:40 - 2014-10-13 18:40 - 01222144 _____ () C:\Users\Tom\Downloads\RSITx64.exe
2014-10-06 13:57 - 2014-10-06 13:57 - 00000546 _____ () C:\Users\Tom\Desktop\LFS – zástupce.lnk
2014-10-01 10:32 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-01 10:32 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-30 14:36 - 2014-10-20 15:30 - 00000000 ____D () C:\Users\Tom\AppData\Local\Ubisoft Game Launcher
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-30 19:10 - 2013-10-12 14:19 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 18:13 - 2012-05-19 11:33 - 01465832 _____ () C:\windows\WindowsUpdate.log
2014-10-30 18:13 - 2009-07-14 05:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-30 18:13 - 2009-07-14 05:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-30 18:06 - 2014-08-02 13:51 - 00034157 _____ () C:\windows\setupact.log
2014-10-30 18:06 - 2012-05-19 12:36 - 00149816 _____ () C:\windows\system32\fastboot.set
2014-10-30 18:06 - 2012-05-19 12:29 - 00000000 ____D () C:\ProgramData\VeriFace
2014-10-30 18:05 - 2013-10-12 14:19 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 18:05 - 2012-08-28 08:10 - 03732794 _____ () C:\FaceProv.log
2014-10-30 18:05 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-30 12:09 - 2013-03-24 15:38 - 00000000 ____D () C:\Users\Tom\Desktop\Složky z plochy
2014-10-30 11:16 - 2013-08-30 22:13 - 00000000 ____D () C:\Program Files\trend micro
2014-10-30 09:14 - 2012-05-19 03:13 - 00669070 _____ () C:\windows\system32\perfh005.dat
2014-10-30 09:14 - 2012-05-19 03:13 - 00141696 _____ () C:\windows\system32\perfc005.dat
2014-10-30 09:14 - 2009-07-14 06:13 - 01584368 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-29 10:11 - 2012-05-19 12:36 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-29 09:58 - 2013-09-06 19:47 - 00000000 ____D () C:\Users\Tom\Desktop\LG-P970
2014-10-29 09:56 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-27 19:57 - 2012-09-17 20:01 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\vlc
2014-10-25 10:39 - 2013-01-25 16:32 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Audacity
2014-10-25 09:19 - 2013-09-19 20:24 - 00001221 _____ () C:\Users\Tom\Downloads\CoreTemp.ini
2014-10-23 17:24 - 2012-05-19 11:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 16:34 - 2012-05-19 11:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-10-23 16:34 - 2012-05-19 11:46 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-23 16:34 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Help
2014-10-23 16:33 - 2012-05-19 11:46 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-20 15:33 - 2012-05-19 11:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-20 15:24 - 2012-09-07 08:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-20 13:05 - 2012-05-19 12:35 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 13:05 - 2012-05-19 12:35 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 10:10 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-15 21:46 - 2009-07-14 05:45 - 00380064 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-15 21:44 - 2014-04-30 06:36 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-15 21:44 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-10-15 21:44 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2014-10-15 19:48 - 2013-07-20 23:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-15 19:42 - 2012-08-29 10:51 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-13 14:15 - 2014-07-04 18:28 - 00000278 _____ () C:\Users\Tom\Desktop\firethigt.txt
2014-10-11 09:55 - 2012-08-29 11:40 - 00000000 ____D () C:\Users\Tom\Documents\Youcam
2014-10-04 22:01 - 2014-05-30 19:39 - 00000000 ____D () C:\Users\Tom\Desktop\kdo přežije
2014-10-02 14:53 - 2010-11-21 04:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tom\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Tom\Desktop" je 76005 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
C:\windows\inf\ntvdm.vbe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (9.44 KiB) Staženo 38 x
Re: Preventivka
Pokud mate legalni ESET NOD32 Antivirus, trvale vypnete Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7 Snizte velikost adresare C:\Users\Tom\Desktop. Velikost plochy by nemela presahovat 200 MB, protoze pak se znacne snizuje rychlost startu PC. - Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {8609fcba-f0df-11e1-9295-c01885f051f1} - G:\autorun.exe HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {86af0d3d-07de-11e3-ab6e-c01885f051f1} - I:\LaunchU3.exe -a HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {e43abdfa-ad06-11e2-9267-c01885f051f1} - H:\HTC_Sync_Manager_PC.exe Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] S3 Andbus; system32\DRIVERS\lgandbus64.sys [X] S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X] S3 AndGps; system32\DRIVERS\lgandgps64.sys [X] S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X] S3 andnetadb; System32\Drivers\lgandnetadb.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X] U3 BcmSqlStartupSvc; No ImagePath U2 CLKMSVC10_3A60B698; No ImagePath U2 CLKMSVC10_C3B3B687; No ImagePath U2 DriverService; No ImagePath U2 iATAgentService; No ImagePath U2 idealife Update Service; No ImagePath U3 IGRS; No ImagePath U2 IviRegMgr; No ImagePath U2 Oasis2Service; No ImagePath U2 PCCarerService; No ImagePath U2 ReadyComm.DirectRouter; No ImagePath U2 RichVideo; No ImagePath U2 RtLedService; No ImagePath U2 SeaPort; No ImagePath U2 SoftwareService; No ImagePath U3 SQLWriter; No ImagePath Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f C:\windows\inf\ntvdm.vbe Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Preventivka
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2014
Jo o té ploše vím
Snažím se to umravnit, mám vcelku blbě rozdělené oddíly, ale poperu se s tím.
Log mi po restartu nevyskočil, ale na ploše jsem ho našel
Ran by Tom at 2014-10-31 13:06:59 Run:1
Running from C:\Users\Tom\Desktop
Loaded Profile: Tom (Available profiles: Tom)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {8609fcba-f0df-11e1-9295-c01885f051f1} - G:\autorun.exe
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {86af0d3d-07de-11e3-ab6e-c01885f051f1} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {e43abdfa-ad06-11e2-9267-c01885f051f1} - H:\HTC_Sync_Manager_PC.exe
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
C:\windows\inf\ntvdm.vbe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePRCShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
"HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8609fcba-f0df-11e1-9295-c01885f051f1}" => Key deleted successfully.
"HKCR\CLSID\{8609fcba-f0df-11e1-9295-c01885f051f1}" => Key not found.
"HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86af0d3d-07de-11e3-ab6e-c01885f051f1}" => Key deleted successfully.
"HKCR\CLSID\{86af0d3d-07de-11e3-ab6e-c01885f051f1}" => Key not found.
"HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e43abdfa-ad06-11e2-9267-c01885f051f1}" => Key deleted successfully.
"HKCR\CLSID\{e43abdfa-ad06-11e2-9267-c01885f051f1}" => Key not found.
"HKCR\PROTOCOLS\Filter\text/xml" => Key deleted successfully.
"HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
ALSysIO => Service stopped successfully.
ALSysIO => Service deleted successfully.
Andbus => Service deleted successfully.
AndDiag => Service deleted successfully.
AndGps => Service deleted successfully.
ANDModem => Service deleted successfully.
andnetadb => Service deleted successfully.
ANDNetModem => Service deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
DriverService => Service deleted successfully.
iATAgentService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerService => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SeaPort => Service deleted successfully.
SoftwareService => Service deleted successfully.
SQLWriter => Service deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\windows\inf\ntvdm.vbe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 991.9 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Jo o té ploše vím
Snažím se to umravnit, mám vcelku blbě rozdělené oddíly, ale poperu se s tím. Log mi po restartu nevyskočil, ale na ploše jsem ho našel
Ran by Tom at 2014-10-31 13:06:59 Run:1
Running from C:\Users\Tom\Desktop
Loaded Profile: Tom (Available profiles: Tom)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {8609fcba-f0df-11e1-9295-c01885f051f1} - G:\autorun.exe
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {86af0d3d-07de-11e3-ab6e-c01885f051f1} - I:\LaunchU3.exe -a
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\MountPoints2: {e43abdfa-ad06-11e2-9267-c01885f051f1} - H:\HTC_Sync_Manager_PC.exe
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
R3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
C:\windows\inf\ntvdm.vbe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePRCShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
"HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8609fcba-f0df-11e1-9295-c01885f051f1}" => Key deleted successfully.
"HKCR\CLSID\{8609fcba-f0df-11e1-9295-c01885f051f1}" => Key not found.
"HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86af0d3d-07de-11e3-ab6e-c01885f051f1}" => Key deleted successfully.
"HKCR\CLSID\{86af0d3d-07de-11e3-ab6e-c01885f051f1}" => Key not found.
"HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e43abdfa-ad06-11e2-9267-c01885f051f1}" => Key deleted successfully.
"HKCR\CLSID\{e43abdfa-ad06-11e2-9267-c01885f051f1}" => Key not found.
"HKCR\PROTOCOLS\Filter\text/xml" => Key deleted successfully.
"HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
ALSysIO => Service stopped successfully.
ALSysIO => Service deleted successfully.
Andbus => Service deleted successfully.
AndDiag => Service deleted successfully.
AndGps => Service deleted successfully.
ANDModem => Service deleted successfully.
andnetadb => Service deleted successfully.
ANDNetModem => Service deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
CLKMSVC10_3A60B698 => Service deleted successfully.
CLKMSVC10_C3B3B687 => Service deleted successfully.
DriverService => Service deleted successfully.
iATAgentService => Service deleted successfully.
idealife Update Service => Service deleted successfully.
IGRS => Service deleted successfully.
IviRegMgr => Service deleted successfully.
Oasis2Service => Service deleted successfully.
PCCarerService => Service deleted successfully.
ReadyComm.DirectRouter => Service deleted successfully.
RichVideo => Service deleted successfully.
RtLedService => Service deleted successfully.
SeaPort => Service deleted successfully.
SoftwareService => Service deleted successfully.
SQLWriter => Service deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\windows\inf\ntvdm.vbe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 991.9 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Preventivka
Takze jeste uklidime.
Vlakno nechame jeste nejakou dobu otevrene, kdyby se problemy vratily.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Vlakno nechame jeste nejakou dobu otevrene, kdyby se problemy vratily.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Preventivka
# DelFix v10.8 - Logfile created 31/10/2014 at 21:28:02
# Updated 29/07/2014 by Xplode
# Username : Tom - TOMES-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tom\Desktop\adwcleaner_3.311.exe
Deleted : C:\Users\Tom\Desktop\Fixlog.txt
Deleted : C:\Users\Tom\Desktop\FRST64.exe
Deleted : C:\Users\Tom\Desktop\FRSTLauncher.exe
Deleted : C:\Users\Tom\Downloads\RSITx64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
########## - EOF - ##########
Díky, problemy nejsou. Na ploše mi ještě zustal soubor LM.bat, mužu také odstranit?
# Updated 29/07/2014 by Xplode
# Username : Tom - TOMES-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tom\Desktop\adwcleaner_3.311.exe
Deleted : C:\Users\Tom\Desktop\Fixlog.txt
Deleted : C:\Users\Tom\Desktop\FRST64.exe
Deleted : C:\Users\Tom\Desktop\FRSTLauncher.exe
Deleted : C:\Users\Tom\Downloads\RSITx64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
########## - EOF - ##########
Díky, problemy nejsou. Na ploše mi ještě zustal soubor LM.bat, mužu také odstranit?
Re: Preventivka
Ano, LM.bat i tento log muzete smazat.
Muzeme tema povazovat za vyresene a uzamknout? V pripade, ze se problemy vrati, napiste nekteremu z moderatoru e-mail s zadosti o znovuotevreni.
Muzeme tema povazovat za vyresene a uzamknout? V pripade, ze se problemy vrati, napiste nekteremu z moderatoru e-mail s zadosti o znovuotevreni.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Preventivka
Ano všechno, děkuji vám moc 
mužem zamknout
mužem zamknout Re: Preventivka
Nemate zac, rad jsem pomohl 
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?