
Sorry to bother you, but my laptop and I have a problem
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Friends, buddies, I'm a complete, unkissed virgin (well, as far as viruses, spyware and malware go). I managed to drag some nasty critter called Radio Canyon into my laptop. It slows the computer down and generates pop-up ads in Firefox. In Explorer it's fine so far. I haven't managed to get rid of the swine with any program yet. I tried Spybot, Eset detector and Spyware Terminator. They found nothing. Will you help me before I go crazy, smash the laptop to pieces and go back to the abacus?
Thanks for your time
Re: Sorry to bother you, but my laptop and I have a problem
Hello
Post a log from RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786 and we'll try to do something about it

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
Re: Sorry to bother you, but my laptop and I have a problem
Thank you very much for your willingness to help, here it is:
info.txt logfile of random's system information tool 1.10 2014-11-08 11:51:51
======MBR======
======Uninstall list======
-->C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 15 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.09) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
AnyBurn-->"C:\Program Files\AnyBurn\uninstall.exe"
Ashampoo Burning Studio 6 FREE v.6.80-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\38.0.2125.111\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
IrfanView (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 7 Update 71-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217071FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
K-Lite Codec Pack 10.8.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lenovo Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
Lenovo System Interface Driver-->RunDll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NTx86 130 C:\Program Files\Lenovo\SMIIF\lnvsmi.inf
Lenovo System Update-->MsiExec.exe /X{25C64847-B900-48AD-A164-1B4F9B774650}
LibreOffice 4.3.2.2-->MsiExec.exe /I{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}
Metric Collection SDK-->MsiExec.exe /X{DDAA788F-52E6-44EA-ADB8-92837B11BF26}
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Security Client-->MsiExec.exe /X{107F27B7-8EE4-4B3A-9CE5-497B120369DC}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Mozilla Firefox 33.0.3 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
On Screen Display-->rundll32.exe "C:\Program Files\Lenovo\HOTKEY\cleanup.dll",InfUninstallEx DefaultUninstall.LH C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
Optimizer Pro v3.2-->"C:\Program Files\Optimizer Pro\unins000.exe" /VERYSILENT
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1531A92E-2552-384F-B942-06A5D18DFA13}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {054F96E9-E89B-3DDB-AA70-A65194B921B4}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {CBD8D84A-257A-3A60-9819-5DF166F9CD25}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {4DC3F78D-5CCF-37B9-9A05-EDDC456F4F20}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1863F765-CBE8-3EB3-B434-CA6B6DF2561E}
Settings Manager-->C:\Program Files\Settings Manager\smdmf\Uninstall.exe /browser=all
Skype™ 6.21-->MsiExec.exe /X{1845470B-EB14-4ABC-835B-E36C693DC07D}
SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0009 -removeonly
Spyware Terminator 2012-->"C:\Program Files\Spyware Terminator\unins000.exe"
ThinkPad FullScreen Magnifier-->rundll32.exe "C:\Program Files\Lenovo\ZOOM\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Program Files\Lenovo\Zoom\TpScrex.inf
ThinkPad UltraNav Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad UltraNav Utility-->"C:\Program Files\InstallShield Installation Information\{17CBC505-D1AE-459D-B445-3D2000A85842}\setup.exe" -runfromtemp -l0x0009 /zUNINSTALL -removeonly
ThinkVantage Fingerprint Software-->MsiExec.exe /I{479016BF-5B8D-445F-BE15-A187F25D81C8}
VLC media player-->C:\Program Files\VideoLAN\VLC\uninstall.exe
======System event log======
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 10041
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.664602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Media Center.
Record Number: 10040
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.644602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Key Management Service.
Record Number: 10039
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.624602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Internet Explorer.
Record Number: 10038
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.594602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 10037
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.544602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
=====Application event log=====
Computer Name: Lenovo-PC
Event Code: 753
Message: Služba Modul blokového zálohování byla úspěšně spuštěna.
Record Number: 2515
Source Name: Microsoft-Windows-Backup
Time Written: 20141105223507.143832-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Lenovo-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 2514
Source Name: Microsoft-Windows-Winlogon
Time Written: 20141105222039.000000-000
Event Type: Informace
User:
Computer Name: Lenovo-PC
Event Code: 4101
Message: Byla ověřena platnost licence systému Windows.
Record Number: 2513
Source Name: Microsoft-Windows-Winlogon
Time Written: 20141105222039.000000-000
Event Type: Informace
User:
Computer Name: Lenovo-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 2512
Source Name: Microsoft-Windows-Winlogon
Time Written: 20141105222035.000000-000
Event Type: Informace
User:
Computer Name: Lenovo-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 2511
Source Name: Desktop Window Manager
Time Written: 20141105222035.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Lenovo-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 2
Nové přihlášení:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Doména účtu: Lenovo-PC
ID přihlášení: 0x2eb43b
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1710
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Název pracovní stanice: LENOVO-PC
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0
Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3682
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222039.341779-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 2
Nové přihlášení:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Doména účtu: Lenovo-PC
ID přihlášení: 0x2eb423
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1710
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Název pracovní stanice: LENOVO-PC
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0
Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3681
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222039.341779-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: Lenovo
Doména účtu: Lenovo-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: localhost
Další informace: localhost
Informace o procesu:
ID procesu: 0x1710
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Síťová adresa: 127.0.0.1
Port: 0
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 3680
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222039.341779-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:
Předmět:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Doména účtu: Lenovo-PC
ID přihlášení: 0x19a16
Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 3679
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222035.067371-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Název domény: Lenovo-PC
ID přihlášení: 0x199ad
Record Number: 3678
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.434602-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot
"TVT"=C:\Program Files\Lenovo
"TSMPATH"=C:\Program Files\ThinkPad\UltraNav Utility
"TFS_DIR"=C:\Program Files\ThinkVantage Fingerprint Software\
-----------------EOF-----------------
and
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-11-08 11:51:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (65%) free of 95 GB
Total RAM: 2022 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:46, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WUGTFZ7L\RSIT.exe
C:\Program Files\trend micro\Lenovo.exe
C:\Windows\eHome\EhTray.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
--
End of file - 6570 bytes
======Scheduled tasks folder======
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\extensions\
1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\searchplugins\
bing.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2011-09-21 55624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22058080]
"Pokki"=C:\Users\Lenovo\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"Web Companion"=C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2011-09-21 100680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-08 11:51:35 ----D---- C:\rsit
2014-11-08 11:51:35 ----D---- C:\Program Files\trend micro
2014-11-08 00:06:32 ----SHD---- C:\Config.Msi
2014-11-08 00:01:43 ----D---- C:\Users\Lenovo\AppData\Roaming\LavasoftStatistics
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpService.ini
2014-11-08 00:00:44 ----A---- C:\Windows\system32\LavasoftTcpService.dll
2014-11-07 23:54:21 ----D---- C:\ProgramData\Lavasoft
2014-11-07 22:48:59 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2014-11-07 22:48:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Spyware Terminator
2014-11-07 22:48:56 ----D---- C:\ProgramData\Spyware Terminator
2014-11-07 22:48:22 ----D---- C:\Program Files\Spyware Terminator
2014-11-07 13:20:55 ----D---- C:\Program Files\Mozilla Firefox
2014-11-06 16:49:17 ----D---- C:\Program Files\ESET
2014-11-06 11:56:11 ----A---- C:\Windows\wininit.ini
2014-11-05 23:17:22 ----D---- C:\Windows\ERUNT
2014-11-05 22:56:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-11-05 22:56:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-11-05 21:55:00 ----D---- C:\Users\Lenovo\AppData\Roaming\FirefoxToolbar
2014-11-05 21:54:43 ----D---- C:\Program Files\Settings Manager
2014-11-05 21:54:33 ----D---- C:\ProgramData\smdmf
2014-11-05 21:50:33 ----D---- C:\Users\Lenovo\AppData\Roaming\AVG
2014-11-05 21:50:09 ----D---- C:\ProgramData\AVG
2014-11-05 21:49:54 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-11-05 21:49:53 ----HD---- C:\ProgramData\Common Files
2014-11-05 21:40:13 ----D---- C:\Users\Lenovo\AppData\Roaming\RVLGames
2014-11-05 16:37:18 ----D---- C:\Users\Lenovo\AppData\Roaming\DominiGames
2014-11-04 20:17:23 ----D---- C:\Users\Lenovo\AppData\Roaming\TOMI3
2014-11-04 16:20:32 ----D---- C:\Users\Lenovo\AppData\Roaming\GO Games
2014-11-04 14:33:58 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-11-04 14:26:26 ----D---- C:\Users\Lenovo\AppData\Roaming\GirlsWithSecretsAdventure
2014-11-04 14:26:23 ----D---- C:\Users\Lenovo\AppData\Roaming\Tape_Worm
2014-11-04 14:26:17 ----D---- C:\Users\Lenovo\AppData\Roaming\ToomkyGames.com
2014-11-04 13:22:11 ----D---- C:\Program Files\ToomkyGames.com
2014-11-04 13:06:20 ----D---- C:\ProgramData\Norton
2014-11-04 13:06:15 ----D---- C:\ProgramData\NortonInstaller
2014-11-04 13:04:12 ----HDC---- C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2014-10-30 19:50:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Awem
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\lcpmnctufjvj.exe
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\dcgmnctufjvj.exe
2014-10-28 20:03:49 ----AS---- C:\Windows\system32\acumnctufjvj.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\lcpmncteog.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\dcgmncteog.exe
2014-10-28 19:54:28 ----D---- C:\Windows\system32\bitstreams
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\zlib1.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\ssleay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadVC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadGC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libssh2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\librtmp.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libidn-11.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libeay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\acumncteog.exe
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\libcurl-4.dll
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\cudart32_50_35.dll
2014-10-28 12:45:13 ----D---- C:\Users\Lenovo\AppData\Roaming\Orneon
2014-10-28 12:44:17 ----D---- C:\Games
2014-10-27 00:24:37 ----D---- C:\Windows\Minidump
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-26 11:44:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-25 20:56:44 ----SD---- C:\Windows\system32\CompatTel
2014-10-25 19:49:15 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-25 19:33:32 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-25 19:33:24 ----A---- C:\Windows\system32\icardres.dll
2014-10-25 19:33:10 ----A---- C:\Windows\system32\icardagt.exe
2014-10-25 19:32:49 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-25 18:50:20 ----D---- C:\Users\Lenovo\AppData\Roaming\anyburn
2014-10-25 18:48:26 ----D---- C:\Program Files\AnyBurn
2014-10-25 18:34:48 ----D---- C:\Users\Lenovo\AppData\Roaming\Opera Software
2014-10-25 18:34:39 ----D---- C:\Program Files\Opera
2014-10-25 16:55:21 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-25 16:55:05 ----A---- C:\Windows\system32\kerberos.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\termsrv.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winsta.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winlogon.exe
2014-10-25 16:55:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\wdigest.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\ncrypt.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\credssp.dll
2014-10-25 16:52:11 ----A---- C:\Windows\system32\generaltel.dll
2014-10-25 16:52:08 ----A---- C:\Windows\system32\aepdu.dll
2014-10-25 16:52:07 ----A---- C:\Windows\system32\aeinv.dll
2014-10-25 16:51:50 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-25 16:51:47 ----A---- C:\Windows\system32\win32k.sys
2014-10-25 16:51:24 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\cdd.dll
2014-10-25 16:48:07 ----A---- C:\Windows\system32\gdi32.dll
2014-10-25 16:47:07 ----A---- C:\Windows\system32\rastls.dll
2014-10-25 16:46:23 ----A---- C:\Windows\system32\qdvd.dll
2014-10-25 16:46:19 ----A---- C:\Windows\system32\osk.exe
2014-10-25 16:45:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\vbscript.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-25 16:45:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-25 16:45:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-25 16:45:45 ----A---- C:\Windows\system32\ieui.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-25 16:45:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-25 16:45:40 ----A---- C:\Windows\system32\jscript9.dll
2014-10-25 16:45:39 ----A---- C:\Windows\system32\mshtml.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\iernonce.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-25 16:45:35 ----A---- C:\Windows\system32\urlmon.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-25 16:45:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\msrating.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\iesetup.dll
2014-10-25 16:45:30 ----A---- C:\Windows\system32\ieframe.dll
2014-10-25 16:41:13 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-25 16:40:49 ----A---- C:\Windows\explorer.exe
2014-10-25 16:40:22 ----A---- C:\Windows\system32\qedit.dll
2014-10-25 16:40:17 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-25 16:35:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-10-25 16:35:40 ----A---- C:\Windows\system32\mscorier.dll
2014-10-25 16:35:40 ----A---- C:\Windows\system32\dfshim.dll
2014-10-25 16:35:39 ----A---- C:\Windows\system32\mscories.dll
2014-10-25 16:34:40 ----A---- C:\Windows\system32\mstscax.dll
2014-10-25 16:33:14 ----A---- C:\Windows\system32\msi.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\msihnd.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\consent.exe
2014-10-25 16:33:13 ----A---- C:\Windows\system32\authui.dll
2014-10-25 16:27:54 ----A---- C:\Windows\system32\packager.dll
2014-10-25 16:27:49 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 16:27:39 ----A---- C:\Windows\system32\tzres.dll
2014-10-25 16:27:19 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-24 17:32:34 ----D---- C:\Users\Lenovo\AppData\Roaming\Elephant Games
2014-10-24 17:32:34 ----D---- C:\ProgramData\Elephant Games
2014-10-24 16:05:13 ----D---- C:\Users\Lenovo\AppData\Roaming\vlc
2014-10-24 15:33:41 ----D---- C:\ProgramData\Canneverbe Limited
2014-10-24 15:30:32 ----AD---- C:\ProgramData\TEMP
2014-10-24 15:30:16 ----D---- C:\ProgramData\Big Fish
2014-10-24 15:27:09 ----D---- C:\BigFishCache
2014-10-24 15:26:05 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2014-10-24 15:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 15:21:15 ----D---- C:\Windows\system32\Macromed
2014-10-24 14:39:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Ashampoo
2014-10-24 14:15:46 ----D---- C:\Users\Lenovo\AppData\Roaming\MPC-HC
2014-10-24 08:54:00 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
2014-10-23 17:46:08 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-10-21 11:08:58 ----D---- C:\Program Files\Microsoft Security Client
2014-10-21 11:08:55 ----D---- C:\Users\Lenovo\AppData\Roaming\Canneverbe Limited
2014-10-21 11:08:07 ----D---- C:\Program Files\LibreOffice 4
2014-10-21 11:06:26 ----D---- C:\Program Files\Common Files\Adobe
2014-10-21 11:06:26 ----D---- C:\Program Files\Adobe
2014-10-21 11:03:10 ----RD---- C:\Program Files\Skype
2014-10-21 11:03:10 ----D---- C:\Program Files\Common Files\Skype
2014-10-21 11:03:07 ----D---- C:\ProgramData\Skype
2014-10-21 11:02:56 ----D---- C:\Program Files\VideoLAN
2014-10-21 11:02:22 ----D---- C:\Program Files\Google
2014-10-21 11:02:19 ----D---- C:\Users\Lenovo\AppData\Roaming\IrfanView
2014-10-21 11:02:18 ----D---- C:\Program Files\IrfanView
2014-10-21 11:02:17 ----D---- C:\Program Files\7-Zip
2014-10-21 11:02:13 ----D---- C:\Program Files\Common Files\Java
2014-10-21 11:02:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wups.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wudriver.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wuapi.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuapp.exe
2014-10-21 11:00:12 ----D---- C:\ProgramData\Mozilla
2014-10-21 11:00:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wups2.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wucltux.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-21 10:49:56 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Adobe
2014-10-21 10:48:18 ----SHD---- C:\Recovery
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Šablony
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Plocha
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Oblíbené položky
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Nabídka Start
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Dokumenty
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Data aplikací
======List of files/folders modified in the last 1 month======
2014-11-08 11:51:35 ----RD---- C:\Program Files
2014-11-08 11:51:28 ----D---- C:\Windows\Temp
2014-11-08 11:48:52 ----D---- C:\Windows\system32\config
2014-11-08 00:26:52 ----SHD---- C:\System Volume Information
2014-11-08 00:26:52 ----D---- C:\Windows\Logs
2014-11-08 00:08:00 ----SHD---- C:\Windows\Installer
2014-11-08 00:06:53 ----D---- C:\Program Files\Common Files
2014-11-08 00:06:35 ----D---- C:\Windows\system32\drivers
2014-11-08 00:01:02 ----D---- C:\Windows\System32
2014-11-07 23:54:21 ----HD---- C:\ProgramData
2014-11-06 17:15:22 ----D---- C:\Windows\inf
2014-11-06 13:19:37 ----D---- C:\Windows
2014-11-06 11:56:25 ----SD---- C:\ProgramData\Microsoft
2014-11-06 11:17:54 ----D---- C:\Windows\system32\Tasks
2014-11-06 11:15:48 ----D---- C:\Windows\Panther
2014-11-06 11:15:46 ----D---- C:\Windows\debug
2014-11-05 22:10:04 ----D---- C:\Windows\Tasks
2014-11-04 13:05:37 ----D---- C:\Windows\Prefetch
2014-11-03 14:46:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-02 11:04:27 ----D---- C:\Windows\winsxs
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot2
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot
2014-11-02 09:38:43 ----D---- C:\Windows\rescache
2014-11-02 02:12:08 ----D---- C:\Program Files\Windows Sidebar
2014-11-02 02:12:07 ----D---- C:\Windows\servicing
2014-11-02 02:12:07 ----D---- C:\Windows\en-US
2014-11-02 02:12:07 ----D---- C:\Windows\ehome
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Photo Viewer
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Media Player
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Mail
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Journal
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Defender
2014-11-02 02:12:07 ----D---- C:\Program Files\Common Files\System
2014-11-02 02:12:06 ----D---- C:\Windows\system32\oobe
2014-11-02 02:12:06 ----D---- C:\Windows\system32\migwiz
2014-11-02 02:12:06 ----D---- C:\Windows\system32\en
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sysprep
2014-11-02 02:12:05 ----D---- C:\Windows\system32\slmgr
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sk-SK
2014-11-02 02:12:05 ----D---- C:\Windows\system32\Boot
2014-11-02 02:12:02 ----D---- C:\Windows\system32\en-US
2014-11-02 02:12:02 ----D---- C:\Windows\system32\drivers\en-US
2014-11-02 02:11:56 ----D---- C:\Windows\system32\WCN
2014-11-02 02:11:56 ----D---- C:\Windows\system32\DriverStore
2014-11-02 02:11:56 ----D---- C:\Windows\system32\Dism
2014-11-02 02:11:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2014-11-02 02:11:40 ----D---- C:\Windows\Speech
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 19:29:29 ----D---- C:\Windows\system32\wdi
2014-10-26 16:23:13 ----D---- C:\Windows\Microsoft.NET
2014-10-26 14:49:15 ----RSD---- C:\Windows\Fonts
2014-10-26 14:28:50 ----RSD---- C:\Windows\assembly
2014-10-25 21:01:49 ----D---- C:\Windows\system32\LogFiles
2014-10-25 20:56:43 ----D---- C:\Windows\system32\cs-CZ
2014-10-25 20:56:40 ----D---- C:\Windows\PolicyDefinitions
2014-10-25 20:56:40 ----D---- C:\Program Files\Internet Explorer
2014-10-25 19:46:05 ----D---- C:\Windows\system32\MRT
2014-10-24 20:20:51 ----D---- C:\Windows\LiveKernelReports
2014-10-21 11:06:26 ----D---- C:\ProgramData\Adobe
2014-10-21 11:05:39 ----D---- C:\Program Files\K-Lite Codec Pack
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaws.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaw.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\java.exe
2014-10-21 11:01:56 ----D---- C:\Program Files\Java
2014-10-21 10:59:45 ----D---- C:\Windows\SoftwareDistribution
2014-10-21 10:52:08 ----SHD---- C:\$Recycle.Bin
2014-10-21 10:49:56 ----RD---- C:\Users
2014-10-21 10:48:18 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2013-05-22 13680]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 11976]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2011-08-23 231640]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-12-17 45880]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 88832]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWNC8U01;Sierra Wireless MUX NDIS Driver (UMTS01); C:\Windows\system32\DRIVERS\SWNC8U01.sys [2007-01-12 102144]
R3 SWUMX01;Sierra Wireless USB MUX Driver (UMTS01); C:\Windows\system32\DRIVERS\swumx01.sys [2007-01-12 70656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 348016]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg []
S1 MpKsla8ec128e;MpKsla8ec128e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8556EC1-A0AE-48E7-922C-A002C8761ADB}\MpKsla8ec128e.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-25 14848]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-25 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-06-25 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-25 26880]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-12-17 56664]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 116208]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 ca82e1a5;Optimizer Pro Crash Monitor; c:\Program Files\Optimizer Pro\OptProCrash.dll,ENT []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SmdmFService;SmdmF Service; C:\Program Files\Settings Manager\smdmf\SmdmFService.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-25 1343400]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2014-11-08 11:51:51
======MBR======
======Uninstall list======
-->C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 15 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.09) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
AnyBurn-->"C:\Program Files\AnyBurn\uninstall.exe"
Ashampoo Burning Studio 6 FREE v.6.80-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\38.0.2125.111\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
IrfanView (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Java 7 Update 71-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217071FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
K-Lite Codec Pack 10.8.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lenovo Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
Lenovo System Interface Driver-->RunDll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NTx86 130 C:\Program Files\Lenovo\SMIIF\lnvsmi.inf
Lenovo System Update-->MsiExec.exe /X{25C64847-B900-48AD-A164-1B4F9B774650}
LibreOffice 4.3.2.2-->MsiExec.exe /I{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}
Metric Collection SDK-->MsiExec.exe /X{DDAA788F-52E6-44EA-ADB8-92837B11BF26}
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Security Client-->MsiExec.exe /X{107F27B7-8EE4-4B3A-9CE5-497B120369DC}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Mozilla Firefox 33.0.3 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
On Screen Display-->rundll32.exe "C:\Program Files\Lenovo\HOTKEY\cleanup.dll",InfUninstallEx DefaultUninstall.LH C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
Optimizer Pro v3.2-->"C:\Program Files\Optimizer Pro\unins000.exe" /VERYSILENT
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1531A92E-2552-384F-B942-06A5D18DFA13}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {054F96E9-E89B-3DDB-AA70-A65194B921B4}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {CBD8D84A-257A-3A60-9819-5DF166F9CD25}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {4DC3F78D-5CCF-37B9-9A05-EDDC456F4F20}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1863F765-CBE8-3EB3-B434-CA6B6DF2561E}
Settings Manager-->C:\Program Files\Settings Manager\smdmf\Uninstall.exe /browser=all
Skype™ 6.21-->MsiExec.exe /X{1845470B-EB14-4ABC-835B-E36C693DC07D}
SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0009 -removeonly
Spyware Terminator 2012-->"C:\Program Files\Spyware Terminator\unins000.exe"
ThinkPad FullScreen Magnifier-->rundll32.exe "C:\Program Files\Lenovo\ZOOM\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Program Files\Lenovo\Zoom\TpScrex.inf
ThinkPad UltraNav Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad UltraNav Utility-->"C:\Program Files\InstallShield Installation Information\{17CBC505-D1AE-459D-B445-3D2000A85842}\setup.exe" -runfromtemp -l0x0009 /zUNINSTALL -removeonly
ThinkVantage Fingerprint Software-->MsiExec.exe /I{479016BF-5B8D-445F-BE15-A187F25D81C8}
VLC media player-->C:\Program Files\VideoLAN\VLC\uninstall.exe
======System event log======
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 10041
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.664602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Media Center.
Record Number: 10040
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.644602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Key Management Service.
Record Number: 10039
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.624602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Internet Explorer.
Record Number: 10038
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.594602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
Computer Name: Lenovo-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 10037
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.544602-000
Event Type: Informace
User: Lenovo-PC\Lenovo
=====Application event log=====
Computer Name: Lenovo-PC
Event Code: 753
Message: Služba Modul blokového zálohování byla úspěšně spuštěna.
Record Number: 2515
Source Name: Microsoft-Windows-Backup
Time Written: 20141105223507.143832-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: Lenovo-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 2514
Source Name: Microsoft-Windows-Winlogon
Time Written: 20141105222039.000000-000
Event Type: Informace
User:
Computer Name: Lenovo-PC
Event Code: 4101
Message: Byla ověřena platnost licence systému Windows.
Record Number: 2513
Source Name: Microsoft-Windows-Winlogon
Time Written: 20141105222039.000000-000
Event Type: Informace
User:
Computer Name: Lenovo-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 2512
Source Name: Microsoft-Windows-Winlogon
Time Written: 20141105222035.000000-000
Event Type: Informace
User:
Computer Name: Lenovo-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 2511
Source Name: Desktop Window Manager
Time Written: 20141105222035.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Lenovo-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 2
Nové přihlášení:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Doména účtu: Lenovo-PC
ID přihlášení: 0x2eb43b
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1710
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Název pracovní stanice: LENOVO-PC
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0
Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3682
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222039.341779-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 2
Nové přihlášení:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Doména účtu: Lenovo-PC
ID přihlášení: 0x2eb423
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1710
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Název pracovní stanice: LENOVO-PC
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0
Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3681
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222039.341779-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Účet, jehož pověření bylo použito:
Název účtu: Lenovo
Doména účtu: Lenovo-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Cílový server:
Název cílového serveru: localhost
Další informace: localhost
Informace o procesu:
ID procesu: 0x1710
Název procesu: C:\Windows\System32\winlogon.exe
Informace o síti:
Síťová adresa: 127.0.0.1
Port: 0
Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 3680
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222039.341779-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:
Předmět:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Doména účtu: Lenovo-PC
ID přihlášení: 0x19a16
Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 3679
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141105222035.067371-000
Event Type: Úspěšný audit
User:
Computer Name: Lenovo-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2460066736-3750192466-2843583314-1001
Název účtu: Lenovo
Název domény: Lenovo-PC
ID přihlášení: 0x199ad
Record Number: 3678
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141105221942.434602-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot
"TVT"=C:\Program Files\Lenovo
"TSMPATH"=C:\Program Files\ThinkPad\UltraNav Utility
"TFS_DIR"=C:\Program Files\ThinkVantage Fingerprint Software\
-----------------EOF-----------------
and
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-11-08 11:51:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (65%) free of 95 GB
Total RAM: 2022 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:46, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WUGTFZ7L\RSIT.exe
C:\Program Files\trend micro\Lenovo.exe
C:\Windows\eHome\EhTray.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
--
End of file - 6570 bytes
======Scheduled tasks folder======
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\extensions\
1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\searchplugins\
bing.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2011-09-21 55624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22058080]
"Pokki"=C:\Users\Lenovo\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"Web Companion"=C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2011-09-21 100680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-08 11:51:35 ----D---- C:\rsit
2014-11-08 11:51:35 ----D---- C:\Program Files\trend micro
2014-11-08 00:06:32 ----SHD---- C:\Config.Msi
2014-11-08 00:01:43 ----D---- C:\Users\Lenovo\AppData\Roaming\LavasoftStatistics
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpService.ini
2014-11-08 00:00:44 ----A---- C:\Windows\system32\LavasoftTcpService.dll
2014-11-07 23:54:21 ----D---- C:\ProgramData\Lavasoft
2014-11-07 22:48:59 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2014-11-07 22:48:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Spyware Terminator
2014-11-07 22:48:56 ----D---- C:\ProgramData\Spyware Terminator
2014-11-07 22:48:22 ----D---- C:\Program Files\Spyware Terminator
2014-11-07 13:20:55 ----D---- C:\Program Files\Mozilla Firefox
2014-11-06 16:49:17 ----D---- C:\Program Files\ESET
2014-11-06 11:56:11 ----A---- C:\Windows\wininit.ini
2014-11-05 23:17:22 ----D---- C:\Windows\ERUNT
2014-11-05 22:56:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-11-05 22:56:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-11-05 21:55:00 ----D---- C:\Users\Lenovo\AppData\Roaming\FirefoxToolbar
2014-11-05 21:54:43 ----D---- C:\Program Files\Settings Manager
2014-11-05 21:54:33 ----D---- C:\ProgramData\smdmf
2014-11-05 21:50:33 ----D---- C:\Users\Lenovo\AppData\Roaming\AVG
2014-11-05 21:50:09 ----D---- C:\ProgramData\AVG
2014-11-05 21:49:54 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-11-05 21:49:53 ----HD---- C:\ProgramData\Common Files
2014-11-05 21:40:13 ----D---- C:\Users\Lenovo\AppData\Roaming\RVLGames
2014-11-05 16:37:18 ----D---- C:\Users\Lenovo\AppData\Roaming\DominiGames
2014-11-04 20:17:23 ----D---- C:\Users\Lenovo\AppData\Roaming\TOMI3
2014-11-04 16:20:32 ----D---- C:\Users\Lenovo\AppData\Roaming\GO Games
2014-11-04 14:33:58 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-11-04 14:26:26 ----D---- C:\Users\Lenovo\AppData\Roaming\GirlsWithSecretsAdventure
2014-11-04 14:26:23 ----D---- C:\Users\Lenovo\AppData\Roaming\Tape_Worm
2014-11-04 14:26:17 ----D---- C:\Users\Lenovo\AppData\Roaming\ToomkyGames.com
2014-11-04 13:22:11 ----D---- C:\Program Files\ToomkyGames.com
2014-11-04 13:06:20 ----D---- C:\ProgramData\Norton
2014-11-04 13:06:15 ----D---- C:\ProgramData\NortonInstaller
2014-11-04 13:04:12 ----HDC---- C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2014-10-30 19:50:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Awem
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\lcpmnctufjvj.exe
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\dcgmnctufjvj.exe
2014-10-28 20:03:49 ----AS---- C:\Windows\system32\acumnctufjvj.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\lcpmncteog.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\dcgmncteog.exe
2014-10-28 19:54:28 ----D---- C:\Windows\system32\bitstreams
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\zlib1.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\ssleay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadVC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadGC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libssh2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\librtmp.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libidn-11.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libeay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\acumncteog.exe
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\libcurl-4.dll
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\cudart32_50_35.dll
2014-10-28 12:45:13 ----D---- C:\Users\Lenovo\AppData\Roaming\Orneon
2014-10-28 12:44:17 ----D---- C:\Games
2014-10-27 00:24:37 ----D---- C:\Windows\Minidump
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-26 11:44:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-25 20:56:44 ----SD---- C:\Windows\system32\CompatTel
2014-10-25 19:49:15 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-25 19:33:32 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-25 19:33:24 ----A---- C:\Windows\system32\icardres.dll
2014-10-25 19:33:10 ----A---- C:\Windows\system32\icardagt.exe
2014-10-25 19:32:49 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-25 18:50:20 ----D---- C:\Users\Lenovo\AppData\Roaming\anyburn
2014-10-25 18:48:26 ----D---- C:\Program Files\AnyBurn
2014-10-25 18:34:48 ----D---- C:\Users\Lenovo\AppData\Roaming\Opera Software
2014-10-25 18:34:39 ----D---- C:\Program Files\Opera
2014-10-25 16:55:21 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-25 16:55:05 ----A---- C:\Windows\system32\kerberos.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\termsrv.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winsta.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winlogon.exe
2014-10-25 16:55:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\wdigest.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\ncrypt.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\credssp.dll
2014-10-25 16:52:11 ----A---- C:\Windows\system32\generaltel.dll
2014-10-25 16:52:08 ----A---- C:\Windows\system32\aepdu.dll
2014-10-25 16:52:07 ----A---- C:\Windows\system32\aeinv.dll
2014-10-25 16:51:50 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-25 16:51:47 ----A---- C:\Windows\system32\win32k.sys
2014-10-25 16:51:24 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\cdd.dll
2014-10-25 16:48:07 ----A---- C:\Windows\system32\gdi32.dll
2014-10-25 16:47:07 ----A---- C:\Windows\system32\rastls.dll
2014-10-25 16:46:23 ----A---- C:\Windows\system32\qdvd.dll
2014-10-25 16:46:19 ----A---- C:\Windows\system32\osk.exe
2014-10-25 16:45:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\vbscript.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-25 16:45:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-25 16:45:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-25 16:45:45 ----A---- C:\Windows\system32\ieui.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-25 16:45:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-25 16:45:40 ----A---- C:\Windows\system32\jscript9.dll
2014-10-25 16:45:39 ----A---- C:\Windows\system32\mshtml.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\iernonce.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-25 16:45:35 ----A---- C:\Windows\system32\urlmon.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-25 16:45:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\msrating.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\iesetup.dll
2014-10-25 16:45:30 ----A---- C:\Windows\system32\ieframe.dll
2014-10-25 16:41:13 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-25 16:40:49 ----A---- C:\Windows\explorer.exe
2014-10-25 16:40:22 ----A---- C:\Windows\system32\qedit.dll
2014-10-25 16:40:17 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-25 16:35:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-10-25 16:35:40 ----A---- C:\Windows\system32\mscorier.dll
2014-10-25 16:35:40 ----A---- C:\Windows\system32\dfshim.dll
2014-10-25 16:35:39 ----A---- C:\Windows\system32\mscories.dll
2014-10-25 16:34:40 ----A---- C:\Windows\system32\mstscax.dll
2014-10-25 16:33:14 ----A---- C:\Windows\system32\msi.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\msihnd.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\consent.exe
2014-10-25 16:33:13 ----A---- C:\Windows\system32\authui.dll
2014-10-25 16:27:54 ----A---- C:\Windows\system32\packager.dll
2014-10-25 16:27:49 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 16:27:39 ----A---- C:\Windows\system32\tzres.dll
2014-10-25 16:27:19 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-24 17:32:34 ----D---- C:\Users\Lenovo\AppData\Roaming\Elephant Games
2014-10-24 17:32:34 ----D---- C:\ProgramData\Elephant Games
2014-10-24 16:05:13 ----D---- C:\Users\Lenovo\AppData\Roaming\vlc
2014-10-24 15:33:41 ----D---- C:\ProgramData\Canneverbe Limited
2014-10-24 15:30:32 ----AD---- C:\ProgramData\TEMP
2014-10-24 15:30:16 ----D---- C:\ProgramData\Big Fish
2014-10-24 15:27:09 ----D---- C:\BigFishCache
2014-10-24 15:26:05 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2014-10-24 15:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 15:21:15 ----D---- C:\Windows\system32\Macromed
2014-10-24 14:39:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Ashampoo
2014-10-24 14:15:46 ----D---- C:\Users\Lenovo\AppData\Roaming\MPC-HC
2014-10-24 08:54:00 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
2014-10-23 17:46:08 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-10-21 11:08:58 ----D---- C:\Program Files\Microsoft Security Client
2014-10-21 11:08:55 ----D---- C:\Users\Lenovo\AppData\Roaming\Canneverbe Limited
2014-10-21 11:08:07 ----D---- C:\Program Files\LibreOffice 4
2014-10-21 11:06:26 ----D---- C:\Program Files\Common Files\Adobe
2014-10-21 11:06:26 ----D---- C:\Program Files\Adobe
2014-10-21 11:03:10 ----RD---- C:\Program Files\Skype
2014-10-21 11:03:10 ----D---- C:\Program Files\Common Files\Skype
2014-10-21 11:03:07 ----D---- C:\ProgramData\Skype
2014-10-21 11:02:56 ----D---- C:\Program Files\VideoLAN
2014-10-21 11:02:22 ----D---- C:\Program Files\Google
2014-10-21 11:02:19 ----D---- C:\Users\Lenovo\AppData\Roaming\IrfanView
2014-10-21 11:02:18 ----D---- C:\Program Files\IrfanView
2014-10-21 11:02:17 ----D---- C:\Program Files\7-Zip
2014-10-21 11:02:13 ----D---- C:\Program Files\Common Files\Java
2014-10-21 11:02:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wups.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wudriver.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wuapi.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuapp.exe
2014-10-21 11:00:12 ----D---- C:\ProgramData\Mozilla
2014-10-21 11:00:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wups2.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wucltux.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-21 10:49:56 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Adobe
2014-10-21 10:48:18 ----SHD---- C:\Recovery
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Šablony
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Plocha
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Oblíbené položky
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Nabídka Start
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Dokumenty
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Data aplikací
======List of files/folders modified in the last 1 month======
2014-11-08 11:51:35 ----RD---- C:\Program Files
2014-11-08 11:51:28 ----D---- C:\Windows\Temp
2014-11-08 11:48:52 ----D---- C:\Windows\system32\config
2014-11-08 00:26:52 ----SHD---- C:\System Volume Information
2014-11-08 00:26:52 ----D---- C:\Windows\Logs
2014-11-08 00:08:00 ----SHD---- C:\Windows\Installer
2014-11-08 00:06:53 ----D---- C:\Program Files\Common Files
2014-11-08 00:06:35 ----D---- C:\Windows\system32\drivers
2014-11-08 00:01:02 ----D---- C:\Windows\System32
2014-11-07 23:54:21 ----HD---- C:\ProgramData
2014-11-06 17:15:22 ----D---- C:\Windows\inf
2014-11-06 13:19:37 ----D---- C:\Windows
2014-11-06 11:56:25 ----SD---- C:\ProgramData\Microsoft
2014-11-06 11:17:54 ----D---- C:\Windows\system32\Tasks
2014-11-06 11:15:48 ----D---- C:\Windows\Panther
2014-11-06 11:15:46 ----D---- C:\Windows\debug
2014-11-05 22:10:04 ----D---- C:\Windows\Tasks
2014-11-04 13:05:37 ----D---- C:\Windows\Prefetch
2014-11-03 14:46:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-02 11:04:27 ----D---- C:\Windows\winsxs
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot2
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot
2014-11-02 09:38:43 ----D---- C:\Windows\rescache
2014-11-02 02:12:08 ----D---- C:\Program Files\Windows Sidebar
2014-11-02 02:12:07 ----D---- C:\Windows\servicing
2014-11-02 02:12:07 ----D---- C:\Windows\en-US
2014-11-02 02:12:07 ----D---- C:\Windows\ehome
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Photo Viewer
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Media Player
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Mail
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Journal
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Defender
2014-11-02 02:12:07 ----D---- C:\Program Files\Common Files\System
2014-11-02 02:12:06 ----D---- C:\Windows\system32\oobe
2014-11-02 02:12:06 ----D---- C:\Windows\system32\migwiz
2014-11-02 02:12:06 ----D---- C:\Windows\system32\en
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sysprep
2014-11-02 02:12:05 ----D---- C:\Windows\system32\slmgr
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sk-SK
2014-11-02 02:12:05 ----D---- C:\Windows\system32\Boot
2014-11-02 02:12:02 ----D---- C:\Windows\system32\en-US
2014-11-02 02:12:02 ----D---- C:\Windows\system32\drivers\en-US
2014-11-02 02:11:56 ----D---- C:\Windows\system32\WCN
2014-11-02 02:11:56 ----D---- C:\Windows\system32\DriverStore
2014-11-02 02:11:56 ----D---- C:\Windows\system32\Dism
2014-11-02 02:11:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2014-11-02 02:11:40 ----D---- C:\Windows\Speech
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 19:29:29 ----D---- C:\Windows\system32\wdi
2014-10-26 16:23:13 ----D---- C:\Windows\Microsoft.NET
2014-10-26 14:49:15 ----RSD---- C:\Windows\Fonts
2014-10-26 14:28:50 ----RSD---- C:\Windows\assembly
2014-10-25 21:01:49 ----D---- C:\Windows\system32\LogFiles
2014-10-25 20:56:43 ----D---- C:\Windows\system32\cs-CZ
2014-10-25 20:56:40 ----D---- C:\Windows\PolicyDefinitions
2014-10-25 20:56:40 ----D---- C:\Program Files\Internet Explorer
2014-10-25 19:46:05 ----D---- C:\Windows\system32\MRT
2014-10-24 20:20:51 ----D---- C:\Windows\LiveKernelReports
2014-10-21 11:06:26 ----D---- C:\ProgramData\Adobe
2014-10-21 11:05:39 ----D---- C:\Program Files\K-Lite Codec Pack
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaws.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaw.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\java.exe
2014-10-21 11:01:56 ----D---- C:\Program Files\Java
2014-10-21 10:59:45 ----D---- C:\Windows\SoftwareDistribution
2014-10-21 10:52:08 ----SHD---- C:\$Recycle.Bin
2014-10-21 10:49:56 ----RD---- C:\Users
2014-10-21 10:48:18 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2013-05-22 13680]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 11976]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2011-08-23 231640]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-12-17 45880]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 88832]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWNC8U01;Sierra Wireless MUX NDIS Driver (UMTS01); C:\Windows\system32\DRIVERS\SWNC8U01.sys [2007-01-12 102144]
R3 SWUMX01;Sierra Wireless USB MUX Driver (UMTS01); C:\Windows\system32\DRIVERS\swumx01.sys [2007-01-12 70656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 348016]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg []
S1 MpKsla8ec128e;MpKsla8ec128e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8556EC1-A0AE-48E7-922C-A002C8761ADB}\MpKsla8ec128e.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-25 14848]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-25 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-06-25 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-25 26880]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-12-17 56664]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 116208]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 ca82e1a5;Optimizer Pro Crash Monitor; c:\Program Files\Optimizer Pro\OptProCrash.dll,ENT []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SmdmFService;SmdmF Service; C:\Program Files\Settings Manager\smdmf\SmdmFService.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-25 1343400]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Sorry to bother you, but my laptop and I have a problem
And I still have no idea whether it makes a difference if RSIT is run in Firefox or in Explorer; maybe it's the same thing. So the previous log was taken while I had Explorer running, and this one is with Firefox.
Maybe I doubled it up for no reason; if so, I apologize.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-11-08 12:04:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (65%) free of 95 GB
Total RAM: 2022 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:44, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lenovo\Downloads\RSIT.exe
C:\Program Files\trend micro\Lenovo.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
--
End of file - 6750 bytes
======Scheduled tasks folder======
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\extensions\
1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\searchplugins\
bing.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2011-09-21 55624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22058080]
"Pokki"=C:\Users\Lenovo\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"Web Companion"=C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2011-09-21 100680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-08 11:51:35 ----D---- C:\rsit
2014-11-08 11:51:35 ----D---- C:\Program Files\trend micro
2014-11-08 00:06:32 ----SHD---- C:\Config.Msi
2014-11-08 00:01:43 ----D---- C:\Users\Lenovo\AppData\Roaming\LavasoftStatistics
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpService.ini
2014-11-08 00:00:44 ----A---- C:\Windows\system32\LavasoftTcpService.dll
2014-11-07 23:54:21 ----D---- C:\ProgramData\Lavasoft
2014-11-07 22:48:59 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2014-11-07 22:48:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Spyware Terminator
2014-11-07 22:48:56 ----D---- C:\ProgramData\Spyware Terminator
2014-11-07 22:48:22 ----D---- C:\Program Files\Spyware Terminator
2014-11-07 13:20:55 ----D---- C:\Program Files\Mozilla Firefox
2014-11-06 16:49:17 ----D---- C:\Program Files\ESET
2014-11-06 11:56:11 ----A---- C:\Windows\wininit.ini
2014-11-05 23:17:22 ----D---- C:\Windows\ERUNT
2014-11-05 22:56:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-11-05 22:56:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-11-05 21:55:00 ----D---- C:\Users\Lenovo\AppData\Roaming\FirefoxToolbar
2014-11-05 21:54:43 ----D---- C:\Program Files\Settings Manager
2014-11-05 21:54:33 ----D---- C:\ProgramData\smdmf
2014-11-05 21:50:33 ----D---- C:\Users\Lenovo\AppData\Roaming\AVG
2014-11-05 21:50:09 ----D---- C:\ProgramData\AVG
2014-11-05 21:49:54 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-11-05 21:49:53 ----HD---- C:\ProgramData\Common Files
2014-11-05 21:40:13 ----D---- C:\Users\Lenovo\AppData\Roaming\RVLGames
2014-11-05 16:37:18 ----D---- C:\Users\Lenovo\AppData\Roaming\DominiGames
2014-11-04 20:17:23 ----D---- C:\Users\Lenovo\AppData\Roaming\TOMI3
2014-11-04 16:20:32 ----D---- C:\Users\Lenovo\AppData\Roaming\GO Games
2014-11-04 14:33:58 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-11-04 14:26:26 ----D---- C:\Users\Lenovo\AppData\Roaming\GirlsWithSecretsAdventure
2014-11-04 14:26:23 ----D---- C:\Users\Lenovo\AppData\Roaming\Tape_Worm
2014-11-04 14:26:17 ----D---- C:\Users\Lenovo\AppData\Roaming\ToomkyGames.com
2014-11-04 13:22:11 ----D---- C:\Program Files\ToomkyGames.com
2014-11-04 13:06:20 ----D---- C:\ProgramData\Norton
2014-11-04 13:06:15 ----D---- C:\ProgramData\NortonInstaller
2014-11-04 13:04:12 ----HDC---- C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2014-10-30 19:50:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Awem
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\lcpmnctufjvj.exe
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\dcgmnctufjvj.exe
2014-10-28 20:03:49 ----AS---- C:\Windows\system32\acumnctufjvj.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\lcpmncteog.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\dcgmncteog.exe
2014-10-28 19:54:28 ----D---- C:\Windows\system32\bitstreams
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\zlib1.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\ssleay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadVC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadGC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libssh2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\librtmp.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libidn-11.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libeay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\acumncteog.exe
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\libcurl-4.dll
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\cudart32_50_35.dll
2014-10-28 12:45:13 ----D---- C:\Users\Lenovo\AppData\Roaming\Orneon
2014-10-28 12:44:17 ----D---- C:\Games
2014-10-27 00:24:37 ----D---- C:\Windows\Minidump
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-26 11:44:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-25 20:56:44 ----SD---- C:\Windows\system32\CompatTel
2014-10-25 19:49:15 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-25 19:33:32 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-25 19:33:24 ----A---- C:\Windows\system32\icardres.dll
2014-10-25 19:33:10 ----A---- C:\Windows\system32\icardagt.exe
2014-10-25 19:32:49 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-25 18:50:20 ----D---- C:\Users\Lenovo\AppData\Roaming\anyburn
2014-10-25 18:48:26 ----D---- C:\Program Files\AnyBurn
2014-10-25 18:34:48 ----D---- C:\Users\Lenovo\AppData\Roaming\Opera Software
2014-10-25 18:34:39 ----D---- C:\Program Files\Opera
2014-10-25 16:55:21 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-25 16:55:05 ----A---- C:\Windows\system32\kerberos.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\termsrv.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winsta.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winlogon.exe
2014-10-25 16:55:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\wdigest.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\ncrypt.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\credssp.dll
2014-10-25 16:52:11 ----A---- C:\Windows\system32\generaltel.dll
2014-10-25 16:52:08 ----A---- C:\Windows\system32\aepdu.dll
2014-10-25 16:52:07 ----A---- C:\Windows\system32\aeinv.dll
2014-10-25 16:51:50 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-25 16:51:47 ----A---- C:\Windows\system32\win32k.sys
2014-10-25 16:51:24 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\cdd.dll
2014-10-25 16:48:07 ----A---- C:\Windows\system32\gdi32.dll
2014-10-25 16:47:07 ----A---- C:\Windows\system32\rastls.dll
2014-10-25 16:46:23 ----A---- C:\Windows\system32\qdvd.dll
2014-10-25 16:46:19 ----A---- C:\Windows\system32\osk.exe
2014-10-25 16:45:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\vbscript.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-25 16:45:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-25 16:45:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-25 16:45:45 ----A---- C:\Windows\system32\ieui.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-25 16:45:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-25 16:45:40 ----A---- C:\Windows\system32\jscript9.dll
2014-10-25 16:45:39 ----A---- C:\Windows\system32\mshtml.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\iernonce.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-25 16:45:35 ----A---- C:\Windows\system32\urlmon.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-25 16:45:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\msrating.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\iesetup.dll
2014-10-25 16:45:30 ----A---- C:\Windows\system32\ieframe.dll
2014-10-25 16:41:13 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-25 16:40:49 ----A---- C:\Windows\explorer.exe
2014-10-25 16:40:22 ----A---- C:\Windows\system32\qedit.dll
2014-10-25 16:40:17 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-25 16:35:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-10-25 16:35:40 ----A---- C:\Windows\system32\mscorier.dll
2014-10-25 16:35:40 ----A---- C:\Windows\system32\dfshim.dll
2014-10-25 16:35:39 ----A---- C:\Windows\system32\mscories.dll
2014-10-25 16:34:40 ----A---- C:\Windows\system32\mstscax.dll
2014-10-25 16:33:14 ----A---- C:\Windows\system32\msi.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\msihnd.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\consent.exe
2014-10-25 16:33:13 ----A---- C:\Windows\system32\authui.dll
2014-10-25 16:27:54 ----A---- C:\Windows\system32\packager.dll
2014-10-25 16:27:49 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 16:27:39 ----A---- C:\Windows\system32\tzres.dll
2014-10-25 16:27:19 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-24 17:32:34 ----D---- C:\Users\Lenovo\AppData\Roaming\Elephant Games
2014-10-24 17:32:34 ----D---- C:\ProgramData\Elephant Games
2014-10-24 16:05:13 ----D---- C:\Users\Lenovo\AppData\Roaming\vlc
2014-10-24 15:33:41 ----D---- C:\ProgramData\Canneverbe Limited
2014-10-24 15:30:32 ----AD---- C:\ProgramData\TEMP
2014-10-24 15:30:16 ----D---- C:\ProgramData\Big Fish
2014-10-24 15:27:09 ----D---- C:\BigFishCache
2014-10-24 15:26:05 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2014-10-24 15:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 15:21:15 ----D---- C:\Windows\system32\Macromed
2014-10-24 14:39:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Ashampoo
2014-10-24 14:15:46 ----D---- C:\Users\Lenovo\AppData\Roaming\MPC-HC
2014-10-24 08:54:00 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
2014-10-23 17:46:08 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-10-21 11:08:58 ----D---- C:\Program Files\Microsoft Security Client
2014-10-21 11:08:55 ----D---- C:\Users\Lenovo\AppData\Roaming\Canneverbe Limited
2014-10-21 11:08:07 ----D---- C:\Program Files\LibreOffice 4
2014-10-21 11:06:26 ----D---- C:\Program Files\Common Files\Adobe
2014-10-21 11:06:26 ----D---- C:\Program Files\Adobe
2014-10-21 11:03:10 ----RD---- C:\Program Files\Skype
2014-10-21 11:03:10 ----D---- C:\Program Files\Common Files\Skype
2014-10-21 11:03:07 ----D---- C:\ProgramData\Skype
2014-10-21 11:02:56 ----D---- C:\Program Files\VideoLAN
2014-10-21 11:02:22 ----D---- C:\Program Files\Google
2014-10-21 11:02:19 ----D---- C:\Users\Lenovo\AppData\Roaming\IrfanView
2014-10-21 11:02:18 ----D---- C:\Program Files\IrfanView
2014-10-21 11:02:17 ----D---- C:\Program Files\7-Zip
2014-10-21 11:02:13 ----D---- C:\Program Files\Common Files\Java
2014-10-21 11:02:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wups.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wudriver.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wuapi.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuapp.exe
2014-10-21 11:00:12 ----D---- C:\ProgramData\Mozilla
2014-10-21 11:00:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wups2.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wucltux.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-21 10:49:56 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Adobe
2014-10-21 10:48:18 ----SHD---- C:\Recovery
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Šablony
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Plocha
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Oblíbené položky
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Nabídka Start
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Dokumenty
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Data aplikací
======List of files/folders modified in the last 1 month======
2014-11-08 12:02:18 ----D---- C:\Windows\system32\config
2014-11-08 12:02:03 ----D---- C:\Windows\Temp
2014-11-08 11:51:35 ----RD---- C:\Program Files
2014-11-08 00:26:52 ----SHD---- C:\System Volume Information
2014-11-08 00:26:52 ----D---- C:\Windows\Logs
2014-11-08 00:08:00 ----SHD---- C:\Windows\Installer
2014-11-08 00:06:53 ----D---- C:\Program Files\Common Files
2014-11-08 00:06:35 ----D---- C:\Windows\system32\drivers
2014-11-08 00:01:02 ----D---- C:\Windows\System32
2014-11-07 23:54:21 ----HD---- C:\ProgramData
2014-11-06 17:15:22 ----D---- C:\Windows\inf
2014-11-06 13:19:37 ----D---- C:\Windows
2014-11-06 11:56:25 ----SD---- C:\ProgramData\Microsoft
2014-11-06 11:17:54 ----D---- C:\Windows\system32\Tasks
2014-11-06 11:15:48 ----D---- C:\Windows\Panther
2014-11-06 11:15:46 ----D---- C:\Windows\debug
2014-11-05 22:10:04 ----D---- C:\Windows\Tasks
2014-11-04 13:05:37 ----D---- C:\Windows\Prefetch
2014-11-03 14:46:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-02 11:04:27 ----D---- C:\Windows\winsxs
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot2
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot
2014-11-02 09:38:43 ----D---- C:\Windows\rescache
2014-11-02 02:12:08 ----D---- C:\Program Files\Windows Sidebar
2014-11-02 02:12:07 ----D---- C:\Windows\servicing
2014-11-02 02:12:07 ----D---- C:\Windows\en-US
2014-11-02 02:12:07 ----D---- C:\Windows\ehome
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Photo Viewer
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Media Player
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Mail
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Journal
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Defender
2014-11-02 02:12:07 ----D---- C:\Program Files\Common Files\System
2014-11-02 02:12:06 ----D---- C:\Windows\system32\oobe
2014-11-02 02:12:06 ----D---- C:\Windows\system32\migwiz
2014-11-02 02:12:06 ----D---- C:\Windows\system32\en
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sysprep
2014-11-02 02:12:05 ----D---- C:\Windows\system32\slmgr
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sk-SK
2014-11-02 02:12:05 ----D---- C:\Windows\system32\Boot
2014-11-02 02:12:02 ----D---- C:\Windows\system32\en-US
2014-11-02 02:12:02 ----D---- C:\Windows\system32\drivers\en-US
2014-11-02 02:11:56 ----D---- C:\Windows\system32\WCN
2014-11-02 02:11:56 ----D---- C:\Windows\system32\DriverStore
2014-11-02 02:11:56 ----D---- C:\Windows\system32\Dism
2014-11-02 02:11:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2014-11-02 02:11:40 ----D---- C:\Windows\Speech
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 19:29:29 ----D---- C:\Windows\system32\wdi
2014-10-26 16:23:13 ----D---- C:\Windows\Microsoft.NET
2014-10-26 14:49:15 ----RSD---- C:\Windows\Fonts
2014-10-26 14:28:50 ----RSD---- C:\Windows\assembly
2014-10-25 21:01:49 ----D---- C:\Windows\system32\LogFiles
2014-10-25 20:56:43 ----D---- C:\Windows\system32\cs-CZ
2014-10-25 20:56:40 ----D---- C:\Windows\PolicyDefinitions
2014-10-25 20:56:40 ----D---- C:\Program Files\Internet Explorer
2014-10-25 19:46:05 ----D---- C:\Windows\system32\MRT
2014-10-24 20:20:51 ----D---- C:\Windows\LiveKernelReports
2014-10-21 11:06:26 ----D---- C:\ProgramData\Adobe
2014-10-21 11:05:39 ----D---- C:\Program Files\K-Lite Codec Pack
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaws.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaw.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\java.exe
2014-10-21 11:01:56 ----D---- C:\Program Files\Java
2014-10-21 10:59:45 ----D---- C:\Windows\SoftwareDistribution
2014-10-21 10:52:08 ----SHD---- C:\$Recycle.Bin
2014-10-21 10:49:56 ----RD---- C:\Users
2014-10-21 10:48:18 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2013-05-22 13680]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 11976]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2011-08-23 231640]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-12-17 45880]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 88832]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWNC8U01;Sierra Wireless MUX NDIS Driver (UMTS01); C:\Windows\system32\DRIVERS\SWNC8U01.sys [2007-01-12 102144]
R3 SWUMX01;Sierra Wireless USB MUX Driver (UMTS01); C:\Windows\system32\DRIVERS\swumx01.sys [2007-01-12 70656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 348016]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg []
S1 MpKsla8ec128e;MpKsla8ec128e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8556EC1-A0AE-48E7-922C-A002C8761ADB}\MpKsla8ec128e.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-25 14848]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-25 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-06-25 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-25 26880]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-12-17 56664]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 116208]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 ca82e1a5;Optimizer Pro Crash Monitor; c:\Program Files\Optimizer Pro\OptProCrash.dll,ENT []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SmdmFService;SmdmF Service; C:\Program Files\Settings Manager\smdmf\SmdmFService.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-25 1343400]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------

Maybe I posted this twice unnecessarily; if so, sorry.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-11-08 12:04:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (65%) free of 95 GB
Total RAM: 2022 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:44, on 8.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Lenovo\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lenovo\Downloads\RSIT.exe
C:\Program Files\trend micro\Lenovo.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [Web Companion] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
--
End of file - 6750 bytes
======Scheduled tasks folder======
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\extensions\
1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\yxfmxi49.default\searchplugins\
bing.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2011-09-21 55624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22058080]
"Pokki"=C:\Users\Lenovo\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"Web Companion"=C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2011-09-21 100680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-08 11:51:35 ----D---- C:\rsit
2014-11-08 11:51:35 ----D---- C:\Program Files\trend micro
2014-11-08 00:06:32 ----SHD---- C:\Config.Msi
2014-11-08 00:01:43 ----D---- C:\Users\Lenovo\AppData\Roaming\LavasoftStatistics
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-08 00:01:02 ----A---- C:\Windows\system32\LavasoftTcpService.ini
2014-11-08 00:00:44 ----A---- C:\Windows\system32\LavasoftTcpService.dll
2014-11-07 23:54:21 ----D---- C:\ProgramData\Lavasoft
2014-11-07 22:48:59 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2014-11-07 22:48:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Spyware Terminator
2014-11-07 22:48:56 ----D---- C:\ProgramData\Spyware Terminator
2014-11-07 22:48:22 ----D---- C:\Program Files\Spyware Terminator
2014-11-07 13:20:55 ----D---- C:\Program Files\Mozilla Firefox
2014-11-06 16:49:17 ----D---- C:\Program Files\ESET
2014-11-06 11:56:11 ----A---- C:\Windows\wininit.ini
2014-11-05 23:17:22 ----D---- C:\Windows\ERUNT
2014-11-05 22:56:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-11-05 22:56:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-11-05 21:55:00 ----D---- C:\Users\Lenovo\AppData\Roaming\FirefoxToolbar
2014-11-05 21:54:43 ----D---- C:\Program Files\Settings Manager
2014-11-05 21:54:33 ----D---- C:\ProgramData\smdmf
2014-11-05 21:50:33 ----D---- C:\Users\Lenovo\AppData\Roaming\AVG
2014-11-05 21:50:09 ----D---- C:\ProgramData\AVG
2014-11-05 21:49:54 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-11-05 21:49:53 ----HD---- C:\ProgramData\Common Files
2014-11-05 21:40:13 ----D---- C:\Users\Lenovo\AppData\Roaming\RVLGames
2014-11-05 16:37:18 ----D---- C:\Users\Lenovo\AppData\Roaming\DominiGames
2014-11-04 20:17:23 ----D---- C:\Users\Lenovo\AppData\Roaming\TOMI3
2014-11-04 16:20:32 ----D---- C:\Users\Lenovo\AppData\Roaming\GO Games
2014-11-04 14:33:58 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-11-04 14:26:26 ----D---- C:\Users\Lenovo\AppData\Roaming\GirlsWithSecretsAdventure
2014-11-04 14:26:23 ----D---- C:\Users\Lenovo\AppData\Roaming\Tape_Worm
2014-11-04 14:26:17 ----D---- C:\Users\Lenovo\AppData\Roaming\ToomkyGames.com
2014-11-04 13:22:11 ----D---- C:\Program Files\ToomkyGames.com
2014-11-04 13:06:20 ----D---- C:\ProgramData\Norton
2014-11-04 13:06:15 ----D---- C:\ProgramData\NortonInstaller
2014-11-04 13:04:12 ----HDC---- C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2014-10-30 19:50:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Awem
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\lcpmnctufjvj.exe
2014-10-28 20:03:50 ----AS---- C:\Windows\system32\dcgmnctufjvj.exe
2014-10-28 20:03:49 ----AS---- C:\Windows\system32\acumnctufjvj.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\lcpmncteog.exe
2014-10-28 19:54:30 ----AS---- C:\Windows\system32\dcgmncteog.exe
2014-10-28 19:54:28 ----D---- C:\Windows\system32\bitstreams
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\zlib1.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\ssleay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadVC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\pthreadGC2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libssh2.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\librtmp.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libidn-11.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\libeay32.dll
2014-10-28 19:54:28 ----AS---- C:\Windows\system32\acumncteog.exe
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\libcurl-4.dll
2014-10-28 19:54:27 ----AS---- C:\Windows\system32\cudart32_50_35.dll
2014-10-28 12:45:13 ----D---- C:\Users\Lenovo\AppData\Roaming\Orneon
2014-10-28 12:44:17 ----D---- C:\Games
2014-10-27 00:24:37 ----D---- C:\Windows\Minidump
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-26 11:44:19 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-26 11:44:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-25 20:56:44 ----SD---- C:\Windows\system32\CompatTel
2014-10-25 19:49:15 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-25 19:33:32 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-25 19:33:24 ----A---- C:\Windows\system32\icardres.dll
2014-10-25 19:33:10 ----A---- C:\Windows\system32\icardagt.exe
2014-10-25 19:32:49 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-25 18:50:20 ----D---- C:\Users\Lenovo\AppData\Roaming\anyburn
2014-10-25 18:48:26 ----D---- C:\Program Files\AnyBurn
2014-10-25 18:34:48 ----D---- C:\Users\Lenovo\AppData\Roaming\Opera Software
2014-10-25 18:34:39 ----D---- C:\Program Files\Opera
2014-10-25 16:55:21 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-25 16:55:05 ----A---- C:\Windows\system32\kerberos.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\termsrv.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\schannel.dll
2014-10-25 16:55:04 ----A---- C:\Windows\system32\lsasrv.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winsta.dll
2014-10-25 16:55:03 ----A---- C:\Windows\system32\winlogon.exe
2014-10-25 16:55:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\wdigest.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\ncrypt.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\msv1_0.dll
2014-10-25 16:55:02 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-25 16:55:01 ----A---- C:\Windows\system32\credssp.dll
2014-10-25 16:52:11 ----A---- C:\Windows\system32\generaltel.dll
2014-10-25 16:52:08 ----A---- C:\Windows\system32\aepdu.dll
2014-10-25 16:52:07 ----A---- C:\Windows\system32\aeinv.dll
2014-10-25 16:51:50 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-25 16:51:47 ----A---- C:\Windows\system32\win32k.sys
2014-10-25 16:51:24 ----A---- C:\Windows\system32\rpcrt4.dll
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-10-25 16:51:20 ----A---- C:\Windows\system32\cdd.dll
2014-10-25 16:48:07 ----A---- C:\Windows\system32\gdi32.dll
2014-10-25 16:47:07 ----A---- C:\Windows\system32\rastls.dll
2014-10-25 16:46:23 ----A---- C:\Windows\system32\qdvd.dll
2014-10-25 16:46:19 ----A---- C:\Windows\system32\osk.exe
2014-10-25 16:45:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-25 16:45:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-25 16:45:49 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\vbscript.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-25 16:45:48 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-25 16:45:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-25 16:45:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-25 16:45:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-25 16:45:45 ----A---- C:\Windows\system32\ieui.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-25 16:45:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-25 16:45:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-25 16:45:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-25 16:45:40 ----A---- C:\Windows\system32\jscript9.dll
2014-10-25 16:45:39 ----A---- C:\Windows\system32\mshtml.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\iernonce.dll
2014-10-25 16:45:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-25 16:45:35 ----A---- C:\Windows\system32\urlmon.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-25 16:45:34 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-25 16:45:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\msrating.dll
2014-10-25 16:45:31 ----A---- C:\Windows\system32\iesetup.dll
2014-10-25 16:45:30 ----A---- C:\Windows\system32\ieframe.dll
2014-10-25 16:41:13 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-25 16:40:49 ----A---- C:\Windows\explorer.exe
2014-10-25 16:40:22 ----A---- C:\Windows\system32\qedit.dll
2014-10-25 16:40:17 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-10-25 16:35:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-10-25 16:35:40 ----A---- C:\Windows\system32\mscorier.dll
2014-10-25 16:35:40 ----A---- C:\Windows\system32\dfshim.dll
2014-10-25 16:35:39 ----A---- C:\Windows\system32\mscories.dll
2014-10-25 16:34:40 ----A---- C:\Windows\system32\mstscax.dll
2014-10-25 16:33:14 ----A---- C:\Windows\system32\msi.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\msihnd.dll
2014-10-25 16:33:13 ----A---- C:\Windows\system32\consent.exe
2014-10-25 16:33:13 ----A---- C:\Windows\system32\authui.dll
2014-10-25 16:27:54 ----A---- C:\Windows\system32\packager.dll
2014-10-25 16:27:49 ----A---- C:\Windows\system32\shell32.dll
2014-10-25 16:27:39 ----A---- C:\Windows\system32\tzres.dll
2014-10-25 16:27:19 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-24 17:32:34 ----D---- C:\Users\Lenovo\AppData\Roaming\Elephant Games
2014-10-24 17:32:34 ----D---- C:\ProgramData\Elephant Games
2014-10-24 16:05:13 ----D---- C:\Users\Lenovo\AppData\Roaming\vlc
2014-10-24 15:33:41 ----D---- C:\ProgramData\Canneverbe Limited
2014-10-24 15:30:32 ----AD---- C:\ProgramData\TEMP
2014-10-24 15:30:16 ----D---- C:\ProgramData\Big Fish
2014-10-24 15:27:09 ----D---- C:\BigFishCache
2014-10-24 15:26:05 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2014-10-24 15:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-10-24 15:21:15 ----D---- C:\Windows\system32\Macromed
2014-10-24 14:39:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Ashampoo
2014-10-24 14:15:46 ----D---- C:\Users\Lenovo\AppData\Roaming\MPC-HC
2014-10-24 08:54:00 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
2014-10-23 17:46:08 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-10-21 11:08:58 ----D---- C:\Program Files\Microsoft Security Client
2014-10-21 11:08:55 ----D---- C:\Users\Lenovo\AppData\Roaming\Canneverbe Limited
2014-10-21 11:08:07 ----D---- C:\Program Files\LibreOffice 4
2014-10-21 11:06:26 ----D---- C:\Program Files\Common Files\Adobe
2014-10-21 11:06:26 ----D---- C:\Program Files\Adobe
2014-10-21 11:03:10 ----RD---- C:\Program Files\Skype
2014-10-21 11:03:10 ----D---- C:\Program Files\Common Files\Skype
2014-10-21 11:03:07 ----D---- C:\ProgramData\Skype
2014-10-21 11:02:56 ----D---- C:\Program Files\VideoLAN
2014-10-21 11:02:22 ----D---- C:\Program Files\Google
2014-10-21 11:02:19 ----D---- C:\Users\Lenovo\AppData\Roaming\IrfanView
2014-10-21 11:02:18 ----D---- C:\Program Files\IrfanView
2014-10-21 11:02:17 ----D---- C:\Program Files\7-Zip
2014-10-21 11:02:13 ----D---- C:\Program Files\Common Files\Java
2014-10-21 11:02:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wups.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wudriver.dll
2014-10-21 11:00:20 ----A---- C:\Windows\system32\wuapi.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-21 11:00:18 ----A---- C:\Windows\system32\wuapp.exe
2014-10-21 11:00:12 ----D---- C:\ProgramData\Mozilla
2014-10-21 11:00:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wups2.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wucltux.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-21 10:59:29 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-21 10:49:56 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2014-10-21 10:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\Adobe
2014-10-21 10:48:18 ----SHD---- C:\Recovery
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Šablony
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Plocha
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Oblíbené položky
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Nabídka Start
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Dokumenty
2014-10-21 10:48:18 ----SHD---- C:\ProgramData\Data aplikací
======List of files/folders modified in the last 1 month======
2014-11-08 12:02:18 ----D---- C:\Windows\system32\config
2014-11-08 12:02:03 ----D---- C:\Windows\Temp
2014-11-08 11:51:35 ----RD---- C:\Program Files
2014-11-08 00:26:52 ----SHD---- C:\System Volume Information
2014-11-08 00:26:52 ----D---- C:\Windows\Logs
2014-11-08 00:08:00 ----SHD---- C:\Windows\Installer
2014-11-08 00:06:53 ----D---- C:\Program Files\Common Files
2014-11-08 00:06:35 ----D---- C:\Windows\system32\drivers
2014-11-08 00:01:02 ----D---- C:\Windows\System32
2014-11-07 23:54:21 ----HD---- C:\ProgramData
2014-11-06 17:15:22 ----D---- C:\Windows\inf
2014-11-06 13:19:37 ----D---- C:\Windows
2014-11-06 11:56:25 ----SD---- C:\ProgramData\Microsoft
2014-11-06 11:17:54 ----D---- C:\Windows\system32\Tasks
2014-11-06 11:15:48 ----D---- C:\Windows\Panther
2014-11-06 11:15:46 ----D---- C:\Windows\debug
2014-11-05 22:10:04 ----D---- C:\Windows\Tasks
2014-11-04 13:05:37 ----D---- C:\Windows\Prefetch
2014-11-03 14:46:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-02 11:04:27 ----D---- C:\Windows\winsxs
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot2
2014-11-02 10:57:48 ----D---- C:\Windows\system32\catroot
2014-11-02 09:38:43 ----D---- C:\Windows\rescache
2014-11-02 02:12:08 ----D---- C:\Program Files\Windows Sidebar
2014-11-02 02:12:07 ----D---- C:\Windows\servicing
2014-11-02 02:12:07 ----D---- C:\Windows\en-US
2014-11-02 02:12:07 ----D---- C:\Windows\ehome
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Photo Viewer
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Media Player
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Mail
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Journal
2014-11-02 02:12:07 ----D---- C:\Program Files\Windows Defender
2014-11-02 02:12:07 ----D---- C:\Program Files\Common Files\System
2014-11-02 02:12:06 ----D---- C:\Windows\system32\oobe
2014-11-02 02:12:06 ----D---- C:\Windows\system32\migwiz
2014-11-02 02:12:06 ----D---- C:\Windows\system32\en
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sysprep
2014-11-02 02:12:05 ----D---- C:\Windows\system32\slmgr
2014-11-02 02:12:05 ----D---- C:\Windows\system32\sk-SK
2014-11-02 02:12:05 ----D---- C:\Windows\system32\Boot
2014-11-02 02:12:02 ----D---- C:\Windows\system32\en-US
2014-11-02 02:12:02 ----D---- C:\Windows\system32\drivers\en-US
2014-11-02 02:11:56 ----D---- C:\Windows\system32\WCN
2014-11-02 02:11:56 ----D---- C:\Windows\system32\DriverStore
2014-11-02 02:11:56 ----D---- C:\Windows\system32\Dism
2014-11-02 02:11:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2014-11-02 02:11:40 ----D---- C:\Windows\Speech
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 19:29:29 ----D---- C:\Windows\system32\wdi
2014-10-26 16:23:13 ----D---- C:\Windows\Microsoft.NET
2014-10-26 14:49:15 ----RSD---- C:\Windows\Fonts
2014-10-26 14:28:50 ----RSD---- C:\Windows\assembly
2014-10-25 21:01:49 ----D---- C:\Windows\system32\LogFiles
2014-10-25 20:56:43 ----D---- C:\Windows\system32\cs-CZ
2014-10-25 20:56:40 ----D---- C:\Windows\PolicyDefinitions
2014-10-25 20:56:40 ----D---- C:\Program Files\Internet Explorer
2014-10-25 19:46:05 ----D---- C:\Windows\system32\MRT
2014-10-24 20:20:51 ----D---- C:\Windows\LiveKernelReports
2014-10-21 11:06:26 ----D---- C:\ProgramData\Adobe
2014-10-21 11:05:39 ----D---- C:\Program Files\K-Lite Codec Pack
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaws.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\javaw.exe
2014-10-21 11:01:57 ----A---- C:\Windows\system32\java.exe
2014-10-21 11:01:56 ----D---- C:\Program Files\Java
2014-10-21 10:59:45 ----D---- C:\Windows\SoftwareDistribution
2014-10-21 10:52:08 ----SHD---- C:\$Recycle.Bin
2014-10-21 10:49:56 ----RD---- C:\Users
2014-10-21 10:48:18 ----D---- C:\Program Files\Windows NT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2013-05-22 13680]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 11976]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2011-08-23 231640]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-12-17 45880]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 88832]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWNC8U01;Sierra Wireless MUX NDIS Driver (UMTS01); C:\Windows\system32\DRIVERS\SWNC8U01.sys [2007-01-12 102144]
R3 SWUMX01;Sierra Wireless USB MUX Driver (UMTS01); C:\Windows\system32\DRIVERS\swumx01.sys [2007-01-12 70656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 348016]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg []
S1 MpKsla8ec128e;MpKsla8ec128e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8556EC1-A0AE-48E7-922C-A002C8761ADB}\MpKsla8ec128e.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-25 14848]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-25 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-06-25 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-25 26880]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-12-17 56664]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 116208]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 ca82e1a5;Optimizer Pro Crash Monitor; c:\Program Files\Optimizer Pro\OptProCrash.dll,ENT []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SmdmFService;SmdmF Service; C:\Program Files\Settings Manager\smdmf\SmdmFService.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S3 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-25 1343400]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Sorry to bother you, but my laptop and I have a problem
Well, there are some bugs in there
Uninstall all security programs (I can see traces of Terminator, Spybot, AVG, ESET, Lavasoft, MSE, Norton...) and install, for example, Avast Free.
Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Spustit jako spravce (Run as administrator).
Click Scan and wait until the scan finishes.
Then click Clean
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
Follow my colleague's instructions

vyosek wrote: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Save it, preferably to the desktop
- After launch, the license terms are displayed; press any key
- A backup will be created, followed by a search
- The scan will run and then a log will appear; it may also be saved in c:\JRT as JRT.txt. Paste it here

vyosek wrote: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
- If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
- Paste the script below into the window
Code:
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;
- Then click Run Script
- The PC will carry out the repair, restart and give you a log; paste its contents here
Re: Sorry to bother you, but my laptop and I have a problem
here is the log from JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 7 Home Premium x86
Ran by Lenovo on so 08.11.2014 at 12:56:49,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
Value Name Type Value Data
========================================================================================
Pokki REG_EXPAND_SZ C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Lenovo\appdata\locallow\datamngr"
~~~ FireFox
Successfully deleted the following from C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\yxfmxi49.default\prefs.js
user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
Emptied folder: C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\yxfmxi49.default\minidumps [5 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 08.11.2014 at 12:59:38,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Sorry to bother you, but my laptop and I have a problem
and here is the log from ADW cleaner
# AdwCleaner v4.100 - Report created 08/11/2014 at 13:25:39
# DB v2014-11-07.1
# Updated 08/11/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Lenovo - LENOVO-PC
# Running from : C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOEL19A1\adwcleaner_4.100.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : ca82e1a5
Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : SmdmFService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\smdmf
Folder Deleted : C:\Users\Lenovo\AppData\Local\globalUpdate
[!] Folder Deleted : C:\Users\Lenovo\AppData\Local\Pokki
Folder Deleted : C:\Users\Lenovo\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\Lenovo\Documents\Pokki
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : Optimizer Pro Schedule
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\SmdmF
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0.3 (x86 cs)
[yxfmxi49.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D110814-AA9F ... =CT3330947");
[yxfmxi49.default\prefs.js] - Line Deleted : user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
-\\ Google Chrome v38.0.2125.111
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [9517 octets] - [08/11/2014 13:24:06]
AdwCleaner[S0].txt - [9483 octets] - [08/11/2014 13:25:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9543 octets] ##########
Re: Sorry to bother you, but my laptop and I have a problem
and here is zoek
Zoek.exe v5.0.0.0 Updated 06-November-2014
Tool run by Lenovo on so 08.11.2014 at 12:51:34,64.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lenovo\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
8.11.2014 12:53:07 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
Re: Sorry to bother you, but my laptop and I have a problem

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
For time reasons I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
Re: Sorry to bother you, but my laptop and I have a problem
So on your advice I installed Avast, and today, after I opened Firefox, it detected that beast and destroyed it.
Thank you for your work and all your time. If there is ever a meetup, I owe you a bottle of my favourite Passport whisky.
P.S. If that beast comes back, I will follow your instructions.
Thank you once again and take care.
Re: Sorry to bother you, but my laptop and I have a problem
I'm glad it's gone, but it's not good to end the check before it is finished; it usually comes back quickly then.

- Pavuk29
- VIP in memoriam
- Posts: 6953
- Registered: 31 Oct 2003 08:26
- Location: Banská Bystrica
Re: Sorry to bother you, but my laptop and I have a problem
Don't booze here,
kids come here too.

------------------------------------------------------------------------------------------------------------------------------
PLS DO NOT SEND ME PMs, ICQ MESSAGES OR E-MAILS WITH QUESTIONS, POST TO THE FORUM

------------------------------------------------------------------------------------------------------------------------------
In case of acute problems with the running of the forum,
or with other users,
contact me on ICQ or by e-mail
at pavuk29 zavinac forum.viry.cz. I am often at the computer even when I am not online on the forum.
http://www.icq.com/people/267560078/
hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821
forum rules: http://forum.viry.cz/viewtopic.php?f=12&t=5601
Re: Sorry to bother you, but my laptop and I have a problem