VIRY.CZ

Dobrý den!
Mám Windows 7 a zničeho nic se mi objevilo, že pokaždé, když zapnu počítač, otevře se "tento počítač". Hledala jsem na internetu, jak se toho zbavit, ale nic jsem nenašla

(respektivě v nabídce "po spuštění" nic takového není a v "msconfig" taky ne)
nevíte, jak se toho zbavit?
Děkuju

Zdravim, pekne odpoledne preji a vitam vas u nas na foru

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

RogueKiller V8.3.1 [Nov 26 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martina [Práva správce]
Mód : Kontrola -- Datum : 11/28/2012 16:46:03

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG MZMPC032HBCD-000 +++++
--- User ---
[MBR] 790cc4df23ed01b1ff878eaa227b802d
[BSP] 01548c770035a86b335d055aebe0b330 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 939198 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1923890608 | Size: 25000 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1975090608 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST1000LM024 HN-M101MBB +++++
Error reading User MBR!
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_S_11282012_02d1646.txt >>
RKreport[1]_S_11282012_02d1644.txt ; RKreport[2]_S_11282012_02d1646.txt

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

RogueKiller V8.3.1 [Nov 26 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martina [Práva správce]
Mód : Odebrat -- Datum : 11/28/2012 20:27:12

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG MZMPC032HBCD-000 +++++
--- User ---
[MBR] f3925ba879ef807bad18ebb89850be2f
[BSP] faf50b481ef782c04ea33fbe04c34a97 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 939198 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1923890608 | Size: 25000 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1975090608 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST1000LM024 HN-M101MBB +++++
Error reading User MBR!
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_11282012_02d2027.txt >>
RKreport[1]_S_11282012_02d2026.txt ; RKreport[2]_D_11282012_02d2027.txt

RogueKiller V8.3.1 [Nov 26 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martina [Práva správce]
Mód : Oprava HOSTS -- Datum : 11/28/2012 20:27:56

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Resetovaný HOSTS: ¤¤¤

Dokončeno : << RKreport[3]_H_11282012_02d2027.txt >>
RKreport[1]_S_11282012_02d2026.txt ; RKreport[2]_D_11282012_02d2027.txt ; RKreport[3]_H_11282012_02d2027.txt

Jeste poprosim o RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martina at 2012-11-29 09:43:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 880 GB (94%) free of 939 GB
Total RAM: 8094 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:43:54, on 29.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\LockKey\LockKey.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121121210017.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3053652205-1556202757-2484899083-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3053652205-1556202757-2484899083-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Fast boot service of lenovo (NSDSvc) - Unknown owner - C:\Windows\System32\NSDSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16769 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 27220560
\??\C:\Windows\system32\conhost.exe "-1065260326-620167818286789159-1284822183685189585179050032888534491912592592
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Windows\system32\mfevtps.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\LockKey\LockKey.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\USB Camera2\VM332_STI.EXE"
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
"C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\system32\igfxtray.exe"
"C:\Windows\system32\hkcmd.exe"
"C:\Windows\system32\igfxpers.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 5716
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="6892.1.1358084184\1994429399" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6892.2.1699464145\1197829491" --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll" --lang=cs --channel="6892.3.1595828960\252279183" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="6892.5.531731807\26174262" /prefetch:3
C:\Windows\servicing\TrustedInstaller.exe
"c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6892.6.433164840\1392186106" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Users\Martina\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Wise Care 365.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121121210017.dll [2012-05-25 94720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2012-08-21 750064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-11-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-06-21 322344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121121210017.dll [2012-05-25 79776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2012-08-21 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-11-13 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-06-21 322344]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-11-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-11-13 192144]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-12-16 2866960]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2011-12-16 410896]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-27 12343400]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-21 789856]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-08-21 8079408]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-08-21 6202416]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"LockKey"=C:\Program Files (x86)\LockKey\LockKey.exe [2011-08-26 337776]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [2011-07-26 554832]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2012-03-21 1675160]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2012-01-26 4351712]
"Intelligent Touchpad"=C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [2011-12-08 291272]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-27 222504]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-08-21 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-29 09:43:39 ----D---- C:\Program Files\trend micro
2012-11-29 09:43:38 ----D---- C:\rsit
2012-11-25 12:40:44 ----SHD---- C:\Config.Msi
2012-11-25 12:12:43 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2012-11-25 01:02:11 ----D---- C:\Users\Martina\AppData\Roaming\NVIDIA
2012-11-25 00:51:45 ----D---- C:\Program Files (x86)\Adobe
2012-11-25 00:51:02 ----D---- C:\Windows\SYSWOW64\Macromed
2012-11-24 23:58:07 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-11-24 23:57:19 ----D---- C:\Program Files\Adobe
2012-11-24 23:55:55 ----D---- C:\Program Files\Common Files\Adobe
2012-11-24 20:42:37 ----D---- C:\Users\Martina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-11-24 20:42:36 ----D---- C:\ProgramData\Adobe
2012-11-18 17:53:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-18 17:53:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-18 17:53:42 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\wksprtPS.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\wksprt.exe
2012-11-18 17:53:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-11-18 17:53:41 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\tsgqec.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\rdpudd.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2012-11-18 17:53:41 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-11-18 17:53:41 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-11-18 17:53:41 ----A---- C:\Windows\system32\aaclient.dll
2012-11-18 17:53:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-11-18 17:53:40 ----A---- C:\Windows\system32\rdpcorets.dll
2012-11-18 17:53:40 ----A---- C:\Windows\system32\mstscax.dll
2012-11-18 17:53:40 ----A---- C:\Windows\system32\mstsc.exe
2012-11-18 17:50:24 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-18 17:50:23 ----A---- C:\Windows\system32\url.dll
2012-11-18 17:50:23 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-18 17:50:23 ----A---- C:\Windows\system32\ieui.dll
2012-11-18 17:50:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-18 17:50:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-18 17:50:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\wininet.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\urlmon.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\jscript9.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-18 17:50:21 ----A---- C:\Windows\system32\vbscript.dll
2012-11-18 17:50:21 ----A---- C:\Windows\system32\jscript.dll
2012-11-18 17:50:21 ----A---- C:\Windows\system32\iertutil.dll
2012-11-18 17:50:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-18 17:50:19 ----A---- C:\Windows\system32\mshtml.dll
2012-11-18 17:50:19 ----A---- C:\Windows\system32\ieframe.dll
2012-11-18 17:50:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-18 17:47:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-11-18 17:47:31 ----A---- C:\Windows\system32\schannel.dll
2012-11-18 17:47:30 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-11-18 17:47:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-11-18 17:47:30 ----A---- C:\Windows\system32\ncrypt.dll
2012-11-18 17:47:30 ----A---- C:\Windows\system32\lsasrv.dll
2012-11-18 17:47:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-11-18 17:47:30 ----A---- C:\Windows\system32\drivers\cng.sys
2012-11-18 17:47:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-11-18 17:47:24 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-11-18 17:47:24 ----A---- C:\Windows\system32\qdvd.dll
2012-11-18 12:12:55 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-18 12:12:55 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-18 12:12:55 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-18 12:12:51 ----A---- C:\Windows\system32\browserchoice.exe
2012-11-18 12:12:36 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-18 12:12:36 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-18 12:12:36 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-18 12:12:36 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-18 12:12:35 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-18 12:12:35 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-18 12:12:35 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-18 10:29:12 ----D---- C:\Users\Martina\AppData\Roaming\Nitro PDF
2012-11-18 10:29:12 ----D---- C:\Users\Martina\AppData\Roaming\FileOpen
2012-11-18 10:29:12 ----D---- C:\ProgramData\FileOpen
2012-11-18 10:03:51 ----D---- C:\ProgramData\CyberLink
2012-11-18 10:03:41 ----D---- C:\Users\Martina\AppData\Roaming\CyberLink
2012-11-18 09:50:55 ----D---- C:\Windows\SYSWOW64\Wat
2012-11-18 09:50:55 ----D---- C:\Windows\system32\Wat
2012-11-18 09:49:44 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 18:01:17 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-15 18:01:16 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 18:01:16 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-15 18:01:16 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-15 18:01:10 ----A---- C:\Windows\system32\win32k.sys
2012-11-15 18:01:08 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-15 18:01:08 ----A---- C:\Windows\system32\ncsi.dll
2012-11-15 18:01:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-15 18:01:08 ----A---- C:\Windows\system32\drivers\netio.sys
2012-11-15 18:01:07 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-15 18:01:07 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-15 18:01:07 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-15 18:01:07 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-15 18:01:07 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-15 18:01:06 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-15 18:01:06 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-15 18:01:06 ----A---- C:\Windows\system32\netevent.dll
2012-11-15 18:01:06 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-15 18:00:54 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-11-15 18:00:52 ----A---- C:\Windows\system32\cdosys.dll
2012-11-15 18:00:47 ----A---- C:\Windows\system32\win32spl.dll
2012-11-15 18:00:46 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-11-15 18:00:46 ----A---- C:\Windows\system32\spoolsv.exe
2012-11-15 18:00:46 ----A---- C:\Windows\splwow64.exe
2012-11-15 18:00:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-11-15 18:00:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-11-15 18:00:42 ----A---- C:\Windows\system32\cryptsvc.dll
2012-11-15 18:00:42 ----A---- C:\Windows\system32\cryptnet.dll
2012-11-15 18:00:42 ----A---- C:\Windows\system32\crypt32.dll
2012-11-15 18:00:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-11-15 17:56:16 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-15 17:56:16 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 17:56:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-11-15 17:55:57 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-11-15 17:55:57 ----A---- C:\Windows\system32\poqexec.exe
2012-11-15 17:55:56 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-11-15 17:55:56 ----A---- C:\Windows\system32\msxml6.dll
2012-11-15 17:55:55 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-11-15 17:55:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-11-15 17:55:55 ----A---- C:\Windows\system32\msxml3r.dll
2012-11-15 17:55:55 ----A---- C:\Windows\system32\msxml3.dll
2012-11-15 17:55:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-15 17:55:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-11-15 17:55:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-11-15 17:55:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-11-15 17:55:50 ----A---- C:\Windows\system32\XpsPrint.dll
2012-11-15 17:55:49 ----A---- C:\Windows\system32\shell32.dll
2012-11-15 17:55:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-11-15 17:55:41 ----A---- C:\Windows\system32\winsrv.dll
2012-11-15 17:55:41 ----A---- C:\Windows\system32\KernelBase.dll
2012-11-15 17:55:41 ----A---- C:\Windows\system32\kernel32.dll
2012-11-15 17:55:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-11-15 17:55:40 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-11-15 17:55:40 ----A---- C:\Windows\system32\conhost.exe
2012-11-15 17:55:39 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-11-15 17:55:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-11-15 17:55:39 ----A---- C:\Windows\system32\wow64.dll
2012-11-15 17:55:39 ----A---- C:\Windows\system32\ntvdm64.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-15 17:55:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-11-15 17:55:38 ----A---- C:\Windows\system32\wow64win.dll
2012-11-15 17:55:38 ----A---- C:\Windows\system32\wow64cpu.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-15 17:55:37 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-15 17:55:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-15 17:55:31 ----A---- C:\Windows\SYSWOW64\user.exe
2012-11-15 17:55:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-11-15 17:55:08 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-11-15 17:55:06 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-11-15 17:55:06 ----A---- C:\Windows\system32\d3d10level9.dll
2012-11-15 17:55:04 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-11-15 17:55:04 ----A---- C:\Windows\system32\rdpwsx.dll
2012-11-15 17:55:04 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-11-15 17:55:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-11-15 17:54:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-11-15 17:54:52 ----A---- C:\Windows\system32\profsvc.dll
2012-11-15 17:54:51 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-11-15 17:54:51 ----A---- C:\Windows\system32\wintrust.dll
2012-11-15 17:54:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-11-15 17:54:39 ----A---- C:\Windows\system32\tzres.dll
2012-11-15 17:54:20 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-11-15 17:53:47 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-11-15 17:53:46 ----A---- C:\Windows\system32\kerberos.dll
2012-11-15 17:53:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-11-15 17:53:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-11-15 17:53:44 ----A---- C:\Windows\system32\msi.dll
2012-11-15 17:53:42 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-11-15 17:53:28 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-11-15 17:53:28 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-11-15 17:53:28 ----A---- C:\Windows\system32\netapi32.dll
2012-11-15 17:53:28 ----A---- C:\Windows\system32\browser.dll
2012-11-15 17:53:28 ----A---- C:\Windows\system32\browcli.dll
2012-11-15 17:53:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-11-15 17:53:26 ----A---- C:\Windows\system32\srcore.dll
2012-11-15 10:51:11 ----A---- C:\Windows\system32\localspl.dll
2012-11-15 10:51:10 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-11-14 21:44:05 ----D---- C:\Users\Martina\AppData\Roaming\Skype
2012-11-14 21:43:56 ----RD---- C:\Program Files (x86)\Skype
2012-11-14 21:43:45 ----D---- C:\ProgramData\Skype
2012-11-14 13:05:50 ----D---- C:\Users\Martina\AppData\Roaming\WinRAR
2012-11-14 13:05:18 ----D---- C:\Program Files\WinRAR
2012-11-14 11:44:49 ----D---- C:\Program Files\Common Files\DESIGNER
2012-11-14 11:44:28 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-11-14 11:44:16 ----D---- C:\Windows\PCHEALTH
2012-11-14 11:44:16 ----D---- C:\Program Files\Microsoft Sync Framework
2012-11-14 11:44:16 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-11-14 11:41:50 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-11-14 11:41:27 ----D---- C:\Program Files\Microsoft Analysis Services
2012-11-14 11:41:27 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-11-14 11:41:25 ----D---- C:\Program Files (x86)\Microsoft Office
2012-11-14 11:41:24 ----D---- C:\Program Files\Microsoft Office
2012-11-14 11:41:12 ----RHD---- C:\MSOCache
2012-11-14 08:00:41 ----N---- C:\bootsqm.dat
2012-11-13 22:09:37 ----A---- C:\Windows\AutoKMS.ini
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\x3daudio1_2.dll
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\x3daudio1_2.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-11-13 17:34:54 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-11-13 17:34:54 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-11-13 17:34:54 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-11-13 17:34:54 ----A---- C:\Windows\system32\xinput1_3.dll
2012-11-13 17:34:54 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-11-13 17:34:54 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-11-13 17:34:53 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-11-13 17:34:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-11-13 17:34:53 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-11-13 17:34:53 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-11-13 17:34:52 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-11-13 17:34:52 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-11-13 17:34:52 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-11-13 17:34:52 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-11-13 17:34:52 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-11-13 17:34:52 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-11-13 17:34:51 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-11-13 17:34:51 ----A---- C:\Windows\system32\d3dx10.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-11-13 17:34:49 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-11-13 17:34:49 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-11-13 17:34:49 ----A---- C:\Windows\system32\xinput1_2.dll
2012-11-13 17:34:49 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-11-13 17:34:48 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-11-13 17:34:48 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-11-13 17:34:48 ----A---- C:\Windows\system32\xinput1_1.dll
2012-11-13 17:34:48 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-11-13 17:34:43 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-11-13 17:34:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-11-13 17:34:42 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-11-13 17:34:42 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-11-13 17:34:42 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-11-13 17:34:42 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-11-13 17:34:41 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-11-13 17:34:41 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-11-13 17:34:41 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-11-13 17:34:41 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-11-13 17:34:41 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-11-13 17:34:41 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-11-13 17:34:40 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-11-13 17:34:40 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-11-13 17:33:06 ----A---- C:\Windows\game.ini
2012-11-13 17:16:39 ----D---- C:\COD 4
2012-11-13 16:35:35 ----D---- C:\ProgramData\Microsoft Help
2012-11-13 16:14:36 ----D---- C:\Users\Martina\AppData\Roaming\Macromedia
2012-11-13 16:14:36 ----D---- C:\Users\Martina\AppData\Roaming\Adobe
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wups2.dll
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wucltux.dll
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wuaueng.dll
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wuauclt.exe
2012-11-13 16:11:26 ----A---- C:\Windows\system32\wups.dll
2012-11-13 16:11:26 ----A---- C:\Windows\system32\wudriver.dll
2012-11-13 16:11:26 ----A---- C:\Windows\system32\wuapi.dll
2012-11-13 16:11:25 ----A---- C:\Windows\system32\wuwebv.dll
2012-11-13 16:11:25 ----A---- C:\Windows\system32\wuapp.exe
2012-11-13 16:06:11 ----D---- C:\Users\Martina\AppData\Roaming\Intel Corporation
2012-11-13 16:06:10 ----D---- C:\Users\Martina\AppData\Roaming\Leadertech
2012-11-13 16:05:56 ----D---- C:\Users\Martina\AppData\Roaming\Identities
2012-11-13 16:05:51 ----D---- C:\Program Files (x86)\Amazon
2012-11-13 16:05:42 ----A---- C:\Windows\firstboot.dat
2012-11-13 16:05:31 ----SD---- C:\Users\Martina\AppData\Roaming\Microsoft
2012-11-13 16:05:31 ----D---- C:\Users\Martina\AppData\Roaming\Media Center Programs
2012-11-13 16:05:31 ----D---- C:\Users\Martina\AppData\Roaming\Intel
2012-11-13 16:05:07 ----SHD---- C:\Recovery

======List of files/folders modified in the last 1 month======

2012-11-29 09:43:46 ----D---- C:\Windows\Temp
2012-11-29 09:43:39 ----RD---- C:\Program Files
2012-11-29 09:40:49 ----D---- C:\Windows\inf
2012-11-29 09:40:49 ----AD---- C:\Windows\System32
2012-11-29 09:40:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-29 09:39:25 ----D---- C:\Windows\system32\config
2012-11-29 09:38:30 ----A---- C:\Windows\SYSWOW64\log.txt
2012-11-29 09:36:46 ----D---- C:\ProgramData\VeriFace
2012-11-29 09:36:43 ----D---- C:\Windows\system32\Tasks
2012-11-28 22:23:26 ----RD---- C:\Program Files (x86)
2012-11-28 20:43:23 ----D---- C:\Windows\system32\catroot2
2012-11-28 20:43:22 ----D---- C:\Windows\winsxs
2012-11-28 20:43:21 ----D---- C:\Windows\AppPatch
2012-11-28 20:43:19 ----SHD---- C:\System Volume Information
2012-11-28 16:38:52 ----D---- C:\Windows\system32\catroot
2012-11-27 14:50:22 ----D---- C:\Windows\Tasks
2012-11-25 12:41:00 ----SHD---- C:\Windows\Installer
2012-11-25 12:40:59 ----D---- C:\Program Files (x86)\Common Files
2012-11-25 12:40:57 ----D---- C:\Program Files\Common Files
2012-11-25 12:25:48 ----D---- C:\Windows\system32\DriverStore
2012-11-25 12:24:16 ----D---- C:\Windows\SysWOW64
2012-11-25 12:24:01 ----RSD---- C:\Windows\Fonts
2012-11-24 23:58:07 ----HD---- C:\ProgramData
2012-11-24 20:03:15 ----D---- C:\Windows\system32\NDF
2012-11-23 23:05:24 ----D---- C:\Windows\Prefetch
2012-11-23 23:04:25 ----D---- C:\Windows\system32\wdi
2012-11-22 21:16:30 ----D---- C:\Windows\Microsoft.NET
2012-11-22 21:16:28 ----RSD---- C:\Windows\assembly
2012-11-21 21:00:16 ----D---- C:\Windows\system32\drivers
2012-11-19 15:09:20 ----D---- C:\Program Files\Common Files\System
2012-11-19 15:09:20 ----A---- C:\Windows\win.ini
2012-11-18 18:13:09 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-18 18:13:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-18 18:13:09 ----D---- C:\Windows\system32\en-US
2012-11-18 18:13:09 ----D---- C:\Windows\system32\cs-CZ
2012-11-18 18:11:08 ----D---- C:\Windows\SYSWOW64\migration
2012-11-18 18:11:08 ----D---- C:\Windows\system32\migration
2012-11-18 18:10:37 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-11-18 18:10:37 ----D---- C:\Windows\system32\sk-SK
2012-11-18 18:03:12 ----AD---- C:\Windows
2012-11-18 17:57:43 ----D---- C:\Windows\SYSWOW64\NV
2012-11-18 17:57:43 ----D---- C:\Windows\system32\NV
2012-11-18 17:57:43 ----D---- C:\ProgramData\NVIDIA
2012-11-18 17:57:04 ----D---- C:\Windows\SYSWOW64\wbem
2012-11-18 17:57:04 ----D---- C:\Windows\system32\drivers\en-US
2012-11-18 17:57:04 ----D---- C:\Windows\PolicyDefinitions
2012-11-18 17:57:03 ----D---- C:\Windows\system32\wbem
2012-11-18 17:57:02 ----D---- C:\Program Files\Internet Explorer
2012-11-18 17:57:02 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-18 17:51:46 ----D---- C:\Program Files\NVIDIA Corporation
2012-11-18 17:50:15 ----D---- C:\Program Files (x86)\Intel
2012-11-18 17:50:14 ----D---- C:\Intel
2012-11-18 17:28:30 ----D---- C:\Program Files\Windows Journal
2012-11-18 12:13:21 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-18 09:57:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-11-18 09:49:49 ----D---- C:\Windows\debug
2012-11-15 10:47:38 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-11-14 11:44:50 ----D---- C:\Windows\ShellNew
2012-11-14 11:44:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-14 11:44:22 ----D---- C:\Program Files (x86)\MSBuild
2012-11-14 11:44:16 ----SD---- C:\ProgramData\Microsoft
2012-11-14 11:44:16 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-11-14 07:03:26 ----D---- C:\Windows\rescache
2012-11-13 17:33:01 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-13 16:33:53 ----D---- C:\ProgramData\McAfee
2012-11-13 16:30:40 ----D---- C:\Windows\system32\LogFiles
2012-11-13 16:15:19 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-13 16:11:11 ----D---- C:\Windows\system32\restore
2012-11-13 16:10:46 ----D---- C:\Windows\SoftwareDistribution
2012-11-13 16:05:55 ----SHD---- C:\$Recycle.Bin
2012-11-13 16:05:52 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-13 16:05:52 ----D---- C:\Windows\Panther
2012-11-13 16:05:51 ----D---- C:\Windows\Logs
2012-11-13 16:05:31 ----AD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 HybridDisk;HybridDisk; C:\Windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-08-21 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2012-02-22 647208]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
R0 NSD;NSD; C:\Windows\system32\drivers\nsd.sys [2011-12-24 24160]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 hybridcfile;hybridcfile; C:\Windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
R1 Nsdfltr;Nsdfltr; C:\Windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-08-21 30816]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2012-02-02 211496]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2012-02-22 65264]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 hswpan;WPAN Driver; C:\Windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-03 4730344]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2012-02-22 160792]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2012-02-22 229528]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-12-16 411920]
R3 vm2uvcflt;Vimicro USB Camera Filter 2; C:\Windows\System32\Drivers\vm2uvcflt.sys [2011-08-06 14288]
R3 vm332avs;Lenovo Camera2; C:\Windows\System32\Drivers\vm332avs.sys [2011-09-28 249040]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-01-27 34200]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-05-25 199304]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2012-05-25 162224]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-06-21 69640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 136176]
S2 NSDSvc;Fast boot service of lenovo; C:\Windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-13 194032]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2012-08-23 502064]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2012-08-21 332272]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 12-12-01.01 - Martina 01.12.2012 13:31:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8094.5666 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Public\AlexaNSISPlugin.3612.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-01 do 2012-12-01 )))))))))))))))))))))))))))))))
.
.
2012-12-01 12:35 . 2012-12-01 12:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-01 12:35 . 2012-12-01 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-29 08:43 . 2012-11-29 08:43 -------- d-----w- c:\program files\trend micro
2012-11-29 08:43 . 2012-11-29 08:43 -------- d-----w- C:\rsit
2012-11-25 11:12 . 2012-11-25 11:12 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-11-25 11:12 . 2012-11-25 11:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-11-24 23:51 . 2012-11-24 23:51 -------- d-----w- c:\windows\SysWow64\Macromed
2012-11-24 22:58 . 2012-11-25 11:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-11-24 22:57 . 2012-11-24 23:52 -------- d-----w- c:\program files\Adobe
2012-11-24 22:55 . 2012-11-24 23:52 -------- d-----w- c:\program files\Common Files\Adobe
2012-11-24 22:55 . 2012-11-25 11:25 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-11-18 16:50 . 2012-10-08 11:13 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-18 16:47 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-18 16:47 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-18 16:47 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-18 16:47 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-18 16:47 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-18 16:47 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-18 16:47 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-18 16:47 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-18 16:47 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-18 16:47 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-18 16:47 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\programdata\FileOpen
2012-11-18 09:03 . 2012-11-18 09:03 -------- d-----w- c:\programdata\CyberLink
2012-11-18 08:51 . 2012-11-18 08:51 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-11-18 08:50 . 2012-11-18 08:50 -------- d-----w- c:\windows\SysWow64\Wat
2012-11-18 08:50 . 2012-11-18 08:50 -------- d-----w- c:\windows\system32\Wat
2012-11-18 08:49 . 2012-10-29 20:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-15 17:00 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-11-15 16:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 16:56 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-15 16:56 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-11-15 16:56 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-11-15 16:56 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2012-11-15 16:54 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-11-15 16:54 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-11-15 16:54 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-11-15 16:54 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-11-15 16:54 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-15 16:54 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-15 16:54 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-11-15 09:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-11-15 09:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-14 20:43 . 2012-11-14 20:43 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-14 20:43 . 2012-11-14 20:43 -------- d-----r- c:\program files (x86)\Skype
2012-11-14 20:43 . 2012-11-14 20:44 -------- d-----w- c:\programdata\Skype
2012-11-14 12:05 . 2012-11-14 12:14 -------- d-----w- c:\program files\WinRAR
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Common Files\DESIGNER
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\windows\PCHEALTH
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-11-14 10:41 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft Office
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----r- C:\MSOCache
2012-11-13 16:16 . 2012-11-13 16:39 -------- d-----w- C:\COD 4
2012-11-13 15:35 . 2012-11-19 14:10 -------- d-----w- c:\programdata\Microsoft Help
2012-11-13 15:11 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-11-13 15:11 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-11-13 15:11 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-11-13 15:11 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-11-13 15:11 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-11-13 15:11 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-11-13 15:11 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-11-13 15:11 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-13 15:11 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-11-13 15:05 . 2012-11-13 15:05 -------- d-----w- c:\program files (x86)\Amazon
2012-11-13 15:05 . 2012-11-13 15:06 -------- d-----w- c:\users\Martina
2012-11-13 15:05 . 2012-11-13 15:05 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-13 17:05 . 2010-06-24 18:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-11-28 15:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 15:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 15:39 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 21818368 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 01:22 . 2012-10-10 01:22 27438080 ----a-w- c:\windows\system32\igdfcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 01:22 . 2012-10-10 01:22 27664896 ----a-w- c:\windows\system32\igdrcl64.dll
2012-10-10 01:22 . 2012-07-09 00:56 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 01:22 . 2012-07-09 00:56 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 01:22 . 2012-10-10 01:22 598780 ----a-w- c:\windows\system32\igvpkrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 01:22 . 2012-07-09 00:56 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 56832 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3582976 ----a-w- c:\windows\system32\igdbcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 01:22 . 2012-07-09 00:56 56832 ----a-w- c:\windows\system32\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 01:22 . 2012-10-10 01:22 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-10-10 01:22 . 2012-10-10 01:22 195584 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 01:22 . 2012-07-09 00:56 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 01:22 . 2012-07-09 00:56 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 01:22 . 2012-10-10 01:22 2899968 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 01:22 . 2012-10-10 01:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 56320 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 27643904 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 01:22 . 2012-07-09 00:56 56320 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 8579584 ----a-w- c:\windows\SysWow64\ig7icd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 01:22 . 2012-10-10 01:22 11595776 ----a-w- c:\windows\system32\ig7icd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 01:22 . 2012-07-09 00:56 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 01:22 . 2012-10-10 01:22 755048 ----a-w- c:\windows\system32\igcodeckrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-08 10:42 . 2012-10-08 10:42 313704 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-08 10:42 . 2012-08-21 20:43 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-08 10:42 . 2012-10-08 10:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-08 10:42 . 2012-10-08 10:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2012-08-21 21:09 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2011-07-26 554832]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-08-21 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2012-09-23 3477640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-2 1380128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2012-08-21 332272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-18 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-08-21 39008]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-05-25 162224]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-06-21 69640]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-08-21 30816]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys [2011-08-06 14288]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [2011-09-28 249040]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 21:09]
.
2012-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 21:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2012-08-21 21:09 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-21 21:09 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-21 789856]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-21 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-21 6202416]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/sma ... nts/2003\0]
"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/sma ... A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-12-01 13:36:37
ComboFix-quarantined-files.txt 2012-12-01 12:36
.
Před spuštěním: Volných bajtů: 922 798 313 472
Po spuštění: Volných bajtů: 930 863 890 432
.
- - End Of File - - F746BBE309C8A5F780323997A3155E67

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=-
"UpdatePRCShortCut"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"Adobe ARM"=-
"Acrobat Assistant 8.0"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"AdobeAAMUpdater-1.0"=-

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DDS::
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=KMOH

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Řekla bych, že to asi poznáte z toho logu, každopádně kdyby ne a něčemu by to mohlo pomoct, tak jen dodávám, že počítač se při tom restartoval a potom se objevila hláška "Pokus použít neplatnou peraci na klíč registu, který je označen pro odstranění" (jak jste předtím psal), tak jsem restartovala počítač, okno "tento počítač" se samozřejmě otevřelo...

tady je ten log:

ComboFix 12-12-01.01 - Martina 01.12.2012 23:42:52.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8094.5975 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martina\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-01 do 2012-12-01 )))))))))))))))))))))))))))))))
.
.
2012-12-01 22:45 . 2012-12-01 22:46 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-01 22:45 . 2012-12-01 22:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-29 08:43 . 2012-11-29 08:43 -------- d-----w- c:\program files\trend micro
2012-11-29 08:43 . 2012-11-29 08:43 -------- d-----w- C:\rsit
2012-11-25 11:12 . 2012-11-25 11:12 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-11-25 11:12 . 2012-11-25 11:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-11-24 23:51 . 2012-11-24 23:51 -------- d-----w- c:\windows\SysWow64\Macromed
2012-11-24 22:58 . 2012-11-25 11:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-11-24 22:57 . 2012-11-24 23:52 -------- d-----w- c:\program files\Adobe
2012-11-24 22:55 . 2012-11-24 23:52 -------- d-----w- c:\program files\Common Files\Adobe
2012-11-24 22:55 . 2012-11-25 11:25 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-11-18 16:50 . 2012-10-08 11:13 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-18 16:47 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-18 16:47 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-18 16:47 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-18 16:47 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-18 16:47 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-18 16:47 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-18 16:47 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-18 16:47 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-18 16:47 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-18 16:47 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-11-18 16:47 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\programdata\FileOpen
2012-11-18 09:03 . 2012-11-18 09:03 -------- d-----w- c:\programdata\CyberLink
2012-11-18 08:51 . 2012-11-18 08:51 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-11-18 08:50 . 2012-11-18 08:50 -------- d-----w- c:\windows\SysWow64\Wat
2012-11-18 08:50 . 2012-11-18 08:50 -------- d-----w- c:\windows\system32\Wat
2012-11-18 08:49 . 2012-10-29 20:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-15 17:00 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-11-15 16:56 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 16:56 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-15 16:56 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-11-15 16:56 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-11-15 16:56 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2012-11-15 16:54 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-11-15 16:54 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-11-15 16:54 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-11-15 16:54 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-11-15 16:54 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-15 16:54 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-15 16:54 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-11-15 09:51 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-11-15 09:51 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-14 20:43 . 2012-11-14 20:43 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-14 20:43 . 2012-11-14 20:43 -------- d-----r- c:\program files (x86)\Skype
2012-11-14 20:43 . 2012-11-14 20:44 -------- d-----w- c:\programdata\Skype
2012-11-14 12:05 . 2012-11-14 12:14 -------- d-----w- c:\program files\WinRAR
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Common Files\DESIGNER
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\windows\PCHEALTH
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-11-14 10:44 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-11-14 10:41 . 2012-11-14 10:44 -------- d-----w- c:\program files\Microsoft Office
2012-11-14 10:41 . 2012-11-14 10:41 -------- d-----r- C:\MSOCache
2012-11-13 16:16 . 2012-11-13 16:39 -------- d-----w- C:\COD 4
2012-11-13 15:35 . 2012-11-19 14:10 -------- d-----w- c:\programdata\Microsoft Help
2012-11-13 15:11 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-11-13 15:11 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-11-13 15:11 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-11-13 15:11 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-11-13 15:11 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-11-13 15:11 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-11-13 15:11 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-11-13 15:11 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-13 15:11 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-11-13 15:05 . 2012-11-13 15:05 -------- d-----w- c:\program files (x86)\Amazon
2012-11-13 15:05 . 2012-11-13 15:06 -------- d-----w- c:\users\Martina
2012-11-13 15:05 . 2012-11-13 15:05 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-13 17:05 . 2010-06-24 18:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-16 08:38 . 2012-11-28 15:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 15:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 15:39 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 21818368 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 01:22 . 2012-10-10 01:22 27438080 ----a-w- c:\windows\system32\igdfcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 01:22 . 2012-10-10 01:22 27664896 ----a-w- c:\windows\system32\igdrcl64.dll
2012-10-10 01:22 . 2012-07-09 00:56 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 01:22 . 2012-07-09 00:56 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 01:22 . 2012-10-10 01:22 598780 ----a-w- c:\windows\system32\igvpkrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 01:22 . 2012-07-09 00:56 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 56832 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3582976 ----a-w- c:\windows\system32\igdbcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 01:22 . 2012-07-09 00:56 56832 ----a-w- c:\windows\system32\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 01:22 . 2012-10-10 01:22 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-10-10 01:22 . 2012-10-10 01:22 195584 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 01:22 . 2012-07-09 00:56 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 01:22 . 2012-07-09 00:56 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 01:22 . 2012-10-10 01:22 2899968 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 01:22 . 2012-10-10 01:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 56320 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 27643904 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 01:22 . 2012-07-09 00:56 56320 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 8579584 ----a-w- c:\windows\SysWow64\ig7icd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 01:22 . 2012-10-10 01:22 11595776 ----a-w- c:\windows\system32\ig7icd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 01:22 . 2012-07-09 00:56 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 01:22 . 2012-10-10 01:22 755048 ----a-w- c:\windows\system32\igcodeckrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-08 10:42 . 2012-10-08 10:42 313704 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-08 10:42 . 2012-08-21 20:43 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-10-08 10:42 . 2012-10-08 10:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-08 10:42 . 2012-10-08 10:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2012-08-21 21:09 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2011-07-26 554832]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-08-21 329056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2012-08-21 332272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-18 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-08-21 39008]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-05-25 162224]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE [2012-06-21 69640]
S2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-08-21 30816]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys [2011-08-06 14288]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [2011-09-28 249040]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2012-08-21 21:09 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-21 21:09 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-21 789856]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-21 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-21 6202416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-12-01 23:47:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-01 22:47
ComboFix2.txt 2012-12-01 12:36
.
Před spuštěním: Volných bajtů: 930 237 812 736
Po spuštění: Volných bajtů: 930 145 181 696
.
- - End Of File - - A47E4971CDEF24CF8F397316F0890857

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Dejte novy log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martina at 2012-12-03 16:07:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 897 GB (96%) free of 939 GB
Total RAM: 8094 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:44, on 3.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\LockKey\LockKey.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121121210017.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKUS\S-1-5-21-3053652205-1556202757-2484899083-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3053652205-1556202757-2484899083-1000\..\Run: [Power2GoExpress] NA (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3053652205-1556202757-2484899083-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Fast boot service of lenovo (NSDSvc) - Unknown owner - C:\Windows\System32\NSDSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15527 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 31069840
\??\C:\Windows\system32\conhost.exe "-1307142669-580561351595378400-304259712-675364460-9606151-1486688064530489324
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Windows\system32\mfevtps.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"taskhost.exe"
taskeng.exe {A70D5502-86EF-4AA8-A99C-BF01061D54FB}
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\LockKey\LockKey.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\USB Camera2\VM332_STI.EXE"
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
"C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\system32\igfxtray.exe"
"C:\Windows\system32\hkcmd.exe"
"C:\Windows\system32\igfxpers.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4372
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7148.1.395204957\1201607627" --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="7148.2.611240067\428054318" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll" --lang=cs --channel="7148.3.566698840\1516437695" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="7148.4.162700584\939275751" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="7148.5.1328818384\1077315094" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/18/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="7148.6.557028125\866322194" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7148.7.771567580\1058571549" --lang=cs --ignored=" --type=renderer " /prefetch:13
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Martina\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121121210017.dll [2012-05-25 94720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll [2012-08-21 750064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-11-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-06-21 322344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121121210017.dll [2012-05-25 79776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner.dll [2012-08-21 433648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-11-13 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-06-21 322344]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-11-13 253584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-06-21 261568]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-11-13 192144]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-12-16 2866960]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2011-12-16 410896]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-27 12343400]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-21 789856]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-08-21 8079408]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-08-21 6202416]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"LockKey"=C:\Program Files (x86)\LockKey\LockKey.exe [2011-08-26 337776]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [2011-07-26 554832]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2012-03-21 1675160]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2012-01-26 4351712]
"Intelligent Touchpad"=C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [2011-12-08 291272]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-08-21 329056]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-12-03 16:07:35 ----D---- C:\rsit
2012-12-03 16:00:46 ----D---- C:\Program Files (x86)\CCleaner
2012-12-03 15:49:49 ----SHD---- C:\$RECYCLE.BIN
2012-12-01 23:47:50 ----D---- C:\Windows\temp
2012-12-01 13:30:42 ----D---- C:\Windows\erdnt
2012-11-29 09:43:39 ----D---- C:\Program Files\trend micro
2012-11-25 12:40:44 ----D---- C:\Config.Msi
2012-11-25 12:12:43 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2012-11-25 01:02:11 ----D---- C:\Users\Martina\AppData\Roaming\NVIDIA
2012-11-25 00:51:45 ----D---- C:\Program Files (x86)\Adobe
2012-11-25 00:51:02 ----D---- C:\Windows\SYSWOW64\Macromed
2012-11-24 23:58:07 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-11-24 23:57:19 ----D---- C:\Program Files\Adobe
2012-11-24 23:55:55 ----D---- C:\Program Files\Common Files\Adobe
2012-11-24 20:42:37 ----D---- C:\Users\Martina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-11-24 20:42:36 ----D---- C:\ProgramData\Adobe
2012-11-18 17:53:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-18 17:53:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-18 17:53:42 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-18 17:53:41 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\wksprtPS.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\wksprt.exe
2012-11-18 17:53:41 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-11-18 17:53:41 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\tsgqec.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\rdpudd.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-11-18 17:53:41 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2012-11-18 17:53:41 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-11-18 17:53:41 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-11-18 17:53:41 ----A---- C:\Windows\system32\aaclient.dll
2012-11-18 17:53:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-11-18 17:53:40 ----A---- C:\Windows\system32\rdpcorets.dll
2012-11-18 17:53:40 ----A---- C:\Windows\system32\mstscax.dll
2012-11-18 17:53:40 ----A---- C:\Windows\system32\mstsc.exe
2012-11-18 17:50:24 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-18 17:50:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-18 17:50:23 ----A---- C:\Windows\system32\url.dll
2012-11-18 17:50:23 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-18 17:50:23 ----A---- C:\Windows\system32\ieui.dll
2012-11-18 17:50:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-18 17:50:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-18 17:50:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\wininet.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\urlmon.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-18 17:50:22 ----A---- C:\Windows\system32\jscript9.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-18 17:50:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-18 17:50:21 ----A---- C:\Windows\system32\vbscript.dll
2012-11-18 17:50:21 ----A---- C:\Windows\system32\jscript.dll
2012-11-18 17:50:21 ----A---- C:\Windows\system32\iertutil.dll
2012-11-18 17:50:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-18 17:50:19 ----A---- C:\Windows\system32\mshtml.dll
2012-11-18 17:50:19 ----A---- C:\Windows\system32\ieframe.dll
2012-11-18 17:50:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-18 17:47:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-11-18 17:47:31 ----A---- C:\Windows\system32\schannel.dll
2012-11-18 17:47:30 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-11-18 17:47:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-11-18 17:47:30 ----A---- C:\Windows\system32\ncrypt.dll
2012-11-18 17:47:30 ----A---- C:\Windows\system32\lsasrv.dll
2012-11-18 17:47:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-11-18 17:47:30 ----A---- C:\Windows\system32\drivers\cng.sys
2012-11-18 17:47:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-11-18 17:47:24 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-11-18 17:47:24 ----A---- C:\Windows\system32\qdvd.dll
2012-11-18 12:12:55 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-18 12:12:55 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-18 12:12:55 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-18 12:12:51 ----A---- C:\Windows\system32\browserchoice.exe
2012-11-18 12:12:36 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-18 12:12:36 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-18 12:12:36 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-18 12:12:36 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-18 12:12:35 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-18 12:12:35 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-18 12:12:35 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-18 10:29:12 ----D---- C:\Users\Martina\AppData\Roaming\Nitro PDF
2012-11-18 10:29:12 ----D---- C:\Users\Martina\AppData\Roaming\FileOpen
2012-11-18 10:29:12 ----D---- C:\ProgramData\FileOpen
2012-11-18 10:03:51 ----D---- C:\ProgramData\CyberLink
2012-11-18 10:03:41 ----D---- C:\Users\Martina\AppData\Roaming\CyberLink
2012-11-18 09:50:55 ----D---- C:\Windows\SYSWOW64\Wat
2012-11-18 09:50:55 ----D---- C:\Windows\system32\Wat
2012-11-18 09:49:44 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 18:01:17 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-15 18:01:16 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-15 18:01:16 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-15 18:01:16 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-15 18:01:10 ----A---- C:\Windows\system32\win32k.sys
2012-11-15 18:01:08 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-15 18:01:08 ----A---- C:\Windows\system32\ncsi.dll
2012-11-15 18:01:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-15 18:01:08 ----A---- C:\Windows\system32\drivers\netio.sys
2012-11-15 18:01:07 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-15 18:01:07 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-15 18:01:07 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-15 18:01:07 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-15 18:01:07 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-15 18:01:06 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-15 18:01:06 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-15 18:01:06 ----A---- C:\Windows\system32\netevent.dll
2012-11-15 18:01:06 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-15 18:00:54 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-11-15 18:00:52 ----A---- C:\Windows\system32\cdosys.dll
2012-11-15 18:00:47 ----A---- C:\Windows\system32\win32spl.dll
2012-11-15 18:00:46 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-11-15 18:00:46 ----A---- C:\Windows\system32\spoolsv.exe
2012-11-15 18:00:46 ----A---- C:\Windows\splwow64.exe
2012-11-15 18:00:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-11-15 18:00:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-11-15 18:00:42 ----A---- C:\Windows\system32\cryptsvc.dll
2012-11-15 18:00:42 ----A---- C:\Windows\system32\cryptnet.dll
2012-11-15 18:00:42 ----A---- C:\Windows\system32\crypt32.dll
2012-11-15 18:00:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-11-15 17:56:16 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-15 17:56:16 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 17:56:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-11-15 17:55:57 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-11-15 17:55:57 ----A---- C:\Windows\system32\poqexec.exe
2012-11-15 17:55:56 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-11-15 17:55:56 ----A---- C:\Windows\system32\msxml6.dll
2012-11-15 17:55:55 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-11-15 17:55:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-11-15 17:55:55 ----A---- C:\Windows\system32\msxml3r.dll
2012-11-15 17:55:55 ----A---- C:\Windows\system32\msxml3.dll
2012-11-15 17:55:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-15 17:55:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-11-15 17:55:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-11-15 17:55:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-11-15 17:55:50 ----A---- C:\Windows\system32\XpsPrint.dll
2012-11-15 17:55:49 ----A---- C:\Windows\system32\shell32.dll
2012-11-15 17:55:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-11-15 17:55:41 ----A---- C:\Windows\system32\winsrv.dll
2012-11-15 17:55:41 ----A---- C:\Windows\system32\KernelBase.dll
2012-11-15 17:55:41 ----A---- C:\Windows\system32\kernel32.dll
2012-11-15 17:55:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-11-15 17:55:40 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-11-15 17:55:40 ----A---- C:\Windows\system32\conhost.exe
2012-11-15 17:55:39 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-11-15 17:55:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-11-15 17:55:39 ----A---- C:\Windows\system32\wow64.dll
2012-11-15 17:55:39 ----A---- C:\Windows\system32\ntvdm64.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-15 17:55:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-15 17:55:38 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-11-15 17:55:38 ----A---- C:\Windows\system32\wow64win.dll
2012-11-15 17:55:38 ----A---- C:\Windows\system32\wow64cpu.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-15 17:55:37 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-15 17:55:37 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-15 17:55:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-15 17:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-15 17:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-15 17:55:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-11-15 17:55:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-15 17:55:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-15 17:55:31 ----A---- C:\Windows\SYSWOW64\user.exe
2012-11-15 17:55:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-11-15 17:55:08 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-11-15 17:55:06 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-11-15 17:55:06 ----A---- C:\Windows\system32\d3d10level9.dll
2012-11-15 17:55:04 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-11-15 17:55:04 ----A---- C:\Windows\system32\rdpwsx.dll
2012-11-15 17:55:04 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-11-15 17:55:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-11-15 17:54:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-11-15 17:54:52 ----A---- C:\Windows\system32\profsvc.dll
2012-11-15 17:54:51 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-11-15 17:54:51 ----A---- C:\Windows\system32\wintrust.dll
2012-11-15 17:54:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-11-15 17:54:39 ----A---- C:\Windows\system32\tzres.dll
2012-11-15 17:54:20 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-11-15 17:53:47 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-11-15 17:53:46 ----A---- C:\Windows\system32\kerberos.dll
2012-11-15 17:53:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-11-15 17:53:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-11-15 17:53:44 ----A---- C:\Windows\system32\msi.dll
2012-11-15 17:53:42 ----A---- C:\Windows\system32\drivers\bthport.sys
2012-11-15 17:53:28 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-11-15 17:53:28 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-11-15 17:53:28 ----A---- C:\Windows\system32\netapi32.dll
2012-11-15 17:53:28 ----A---- C:\Windows\system32\browser.dll
2012-11-15 17:53:28 ----A---- C:\Windows\system32\browcli.dll
2012-11-15 17:53:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-11-15 17:53:26 ----A---- C:\Windows\system32\srcore.dll
2012-11-15 10:51:11 ----A---- C:\Windows\system32\localspl.dll
2012-11-15 10:51:10 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-11-14 21:44:05 ----D---- C:\Users\Martina\AppData\Roaming\Skype
2012-11-14 21:43:56 ----RD---- C:\Program Files (x86)\Skype
2012-11-14 21:43:45 ----D---- C:\ProgramData\Skype
2012-11-14 13:05:50 ----D---- C:\Users\Martina\AppData\Roaming\WinRAR
2012-11-14 13:05:18 ----D---- C:\Program Files\WinRAR
2012-11-14 11:44:49 ----D---- C:\Program Files\Common Files\DESIGNER
2012-11-14 11:44:28 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-11-14 11:44:16 ----D---- C:\Windows\PCHEALTH
2012-11-14 11:44:16 ----D---- C:\Program Files\Microsoft Sync Framework
2012-11-14 11:44:16 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-11-14 11:41:50 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-11-14 11:41:27 ----D---- C:\Program Files\Microsoft Analysis Services
2012-11-14 11:41:27 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-11-14 11:41:25 ----D---- C:\Program Files (x86)\Microsoft Office
2012-11-14 11:41:24 ----D---- C:\Program Files\Microsoft Office
2012-11-14 11:41:12 ----RD---- C:\MSOCache
2012-11-14 08:00:41 ----N---- C:\bootsqm.dat
2012-11-13 22:09:37 ----A---- C:\Windows\AutoKMS.ini
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\x3daudio1_2.dll
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-11-13 17:34:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\x3daudio1_2.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-11-13 17:34:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-11-13 17:34:54 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-11-13 17:34:54 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-11-13 17:34:54 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-11-13 17:34:54 ----A---- C:\Windows\system32\xinput1_3.dll
2012-11-13 17:34:54 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-11-13 17:34:54 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-11-13 17:34:53 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-11-13 17:34:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-11-13 17:34:53 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-11-13 17:34:53 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-11-13 17:34:52 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-11-13 17:34:52 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-11-13 17:34:52 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-11-13 17:34:52 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-11-13 17:34:52 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-11-13 17:34:52 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-11-13 17:34:51 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-11-13 17:34:51 ----A---- C:\Windows\system32\d3dx10.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-11-13 17:34:50 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-11-13 17:34:50 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-11-13 17:34:49 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-11-13 17:34:49 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-11-13 17:34:49 ----A---- C:\Windows\system32\xinput1_2.dll
2012-11-13 17:34:49 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-11-13 17:34:48 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-11-13 17:34:48 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-11-13 17:34:48 ----A---- C:\Windows\system32\xinput1_1.dll
2012-11-13 17:34:48 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-11-13 17:34:43 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-11-13 17:34:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-11-13 17:34:43 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-11-13 17:34:42 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-11-13 17:34:42 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-11-13 17:34:42 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-11-13 17:34:42 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-11-13 17:34:41 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-11-13 17:34:41 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-11-13 17:34:41 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-11-13 17:34:41 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-11-13 17:34:41 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-11-13 17:34:41 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-11-13 17:34:40 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-11-13 17:34:40 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-11-13 17:33:06 ----A---- C:\Windows\game.ini
2012-11-13 17:16:39 ----D---- C:\COD 4
2012-11-13 16:35:35 ----D---- C:\ProgramData\Microsoft Help
2012-11-13 16:14:36 ----D---- C:\Users\Martina\AppData\Roaming\Macromedia
2012-11-13 16:14:36 ----D---- C:\Users\Martina\AppData\Roaming\Adobe
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wups2.dll
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wucltux.dll
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wuaueng.dll
2012-11-13 16:11:43 ----A---- C:\Windows\system32\wuauclt.exe
2012-11-13 16:11:26 ----A---- C:\Windows\system32\wups.dll
2012-11-13 16:11:26 ----A---- C:\Windows\system32\wudriver.dll
2012-11-13 16:11:26 ----A---- C:\Windows\system32\wuapi.dll
2012-11-13 16:11:25 ----A---- C:\Windows\system32\wuwebv.dll
2012-11-13 16:11:25 ----A---- C:\Windows\system32\wuapp.exe
2012-11-13 16:06:11 ----D---- C:\Users\Martina\AppData\Roaming\Intel Corporation
2012-11-13 16:06:10 ----D---- C:\Users\Martina\AppData\Roaming\Leadertech
2012-11-13 16:05:56 ----D---- C:\Users\Martina\AppData\Roaming\Identities
2012-11-13 16:05:51 ----D---- C:\Program Files (x86)\Amazon
2012-11-13 16:05:42 ----A---- C:\Windows\firstboot.dat
2012-11-13 16:05:31 ----SD---- C:\Users\Martina\AppData\Roaming\Microsoft
2012-11-13 16:05:31 ----D---- C:\Users\Martina\AppData\Roaming\Media Center Programs
2012-11-13 16:05:31 ----D---- C:\Users\Martina\AppData\Roaming\Intel
2012-11-13 16:05:07 ----D---- C:\Recovery

======List of files/folders modified in the last 1 month======

2012-12-03 16:02:09 ----D---- C:\Windows\debug
2012-12-03 16:02:09 ----AD---- C:\Windows
2012-12-03 16:00:50 ----D---- C:\Windows\inf
2012-12-03 16:00:50 ----AD---- C:\Windows\System32
2012-12-03 16:00:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-03 16:00:46 ----RD---- C:\Program Files (x86)
2012-12-03 15:59:02 ----D---- C:\Windows\system32\config
2012-12-03 15:58:07 ----A---- C:\Windows\SYSWOW64\log.txt
2012-12-03 15:56:23 ----D---- C:\ProgramData\VeriFace
2012-12-03 15:56:21 ----D---- C:\Windows\system32\Tasks
2012-12-03 15:45:20 ----SHD---- C:\System Volume Information
2012-12-03 15:43:51 ----D---- C:\Windows\system32\drivers
2012-12-01 23:46:30 ----A---- C:\Windows\system.ini
2012-12-01 23:46:29 ----D---- C:\Windows\system32\drivers\etc
2012-12-01 23:45:42 ----D---- C:\Windows\Tasks
2012-12-01 23:44:17 ----D---- C:\Windows\SYSWOW64\drivers
2012-12-01 23:44:17 ----D---- C:\Windows\SysWOW64
2012-12-01 23:44:17 ----D---- C:\Windows\AppPatch
2012-12-01 23:44:16 ----D---- C:\Program Files (x86)\Common Files
2012-12-01 13:34:52 ----D---- C:\ProgramData
2012-11-29 09:43:39 ----RD---- C:\Program Files
2012-11-28 20:43:23 ----D---- C:\Windows\system32\catroot2
2012-11-28 20:43:22 ----D---- C:\Windows\winsxs
2012-11-28 16:38:52 ----D---- C:\Windows\system32\catroot
2012-11-25 12:41:00 ----SHD---- C:\Windows\Installer
2012-11-25 12:40:57 ----D---- C:\Program Files\Common Files
2012-11-25 12:25:48 ----D---- C:\Windows\system32\DriverStore
2012-11-25 12:24:01 ----RSD---- C:\Windows\Fonts
2012-11-24 20:03:15 ----D---- C:\Windows\system32\NDF
2012-11-23 23:05:24 ----D---- C:\Windows\Prefetch
2012-11-23 23:04:25 ----D---- C:\Windows\system32\wdi
2012-11-22 21:16:30 ----D---- C:\Windows\Microsoft.NET
2012-11-22 21:16:28 ----RSD---- C:\Windows\assembly
2012-11-19 15:09:20 ----D---- C:\Program Files\Common Files\System
2012-11-19 15:09:20 ----A---- C:\Windows\win.ini
2012-11-18 18:13:09 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-18 18:13:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-18 18:13:09 ----D---- C:\Windows\system32\en-US
2012-11-18 18:13:09 ----D---- C:\Windows\system32\cs-CZ
2012-11-18 18:11:08 ----D---- C:\Windows\SYSWOW64\migration
2012-11-18 18:11:08 ----D---- C:\Windows\system32\migration
2012-11-18 18:10:37 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-11-18 18:10:37 ----D---- C:\Windows\system32\sk-SK
2012-11-18 17:57:43 ----D---- C:\Windows\SYSWOW64\NV
2012-11-18 17:57:43 ----D---- C:\Windows\system32\NV
2012-11-18 17:57:43 ----D---- C:\ProgramData\NVIDIA
2012-11-18 17:57:04 ----D---- C:\Windows\SYSWOW64\wbem
2012-11-18 17:57:04 ----D---- C:\Windows\system32\drivers\en-US
2012-11-18 17:57:04 ----D---- C:\Windows\PolicyDefinitions
2012-11-18 17:57:03 ----D---- C:\Windows\system32\wbem
2012-11-18 17:57:02 ----D---- C:\Program Files\Internet Explorer
2012-11-18 17:57:02 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-18 17:51:46 ----D---- C:\Program Files\NVIDIA Corporation
2012-11-18 17:50:15 ----D---- C:\Program Files (x86)\Intel
2012-11-18 17:50:14 ----D---- C:\Intel
2012-11-18 17:28:30 ----D---- C:\Program Files\Windows Journal
2012-11-18 12:13:21 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-18 09:57:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-11-15 10:47:38 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-11-14 11:44:50 ----D---- C:\Windows\ShellNew
2012-11-14 11:44:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-14 11:44:22 ----D---- C:\Program Files (x86)\MSBuild
2012-11-14 11:44:16 ----SD---- C:\ProgramData\Microsoft
2012-11-14 11:44:16 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-11-14 07:03:26 ----D---- C:\Windows\rescache
2012-11-13 17:33:01 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-13 16:33:53 ----D---- C:\ProgramData\McAfee
2012-11-13 16:30:40 ----D---- C:\Windows\system32\LogFiles
2012-11-13 16:15:19 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-13 16:11:11 ----D---- C:\Windows\system32\restore
2012-11-13 16:10:46 ----D---- C:\Windows\SoftwareDistribution
2012-11-13 16:05:52 ----D---- C:\Windows\Panther
2012-11-13 16:05:51 ----D---- C:\Windows\Logs
2012-11-13 16:05:31 ----AD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 HybridDisk;HybridDisk; C:\Windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-08-21 39008]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2012-02-22 647208]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
R0 NSD;NSD; C:\Windows\system32\drivers\nsd.sys [2011-12-24 24160]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 hybridcfile;hybridcfile; C:\Windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
R1 Nsdfltr;Nsdfltr; C:\Windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-08-21 30816]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2012-02-02 211496]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2012-02-22 65264]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 hswpan;WPAN Driver; C:\Windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-03 4730344]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2012-02-22 160792]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2012-02-22 229528]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-12-16 411920]
R3 vm2uvcflt;Vimicro USB Camera Filter 2; C:\Windows\System32\Drivers\vm2uvcflt.sys [2011-08-06 14288]
R3 vm332avs;Lenovo Camera2; C:\Windows\System32\Drivers\vm332avs.sys [2011-09-28 249040]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-01-27 34200]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-05-25 199304]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2012-05-25 162224]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-06-21 69640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 136176]
S2 NSDSvc;Fast boot service of lenovo; C:\Windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-21 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-13 194032]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2012-08-23 502064]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [2012-08-21 332272]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

Soubor ulozte jako oprava.reg
Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
Zavrit notepad a spustit dvojklikem oprava.reg
Pripadny dotaz na zmenu registru potvrdte
Okno jen problikne a opravi regsitry - soubor muzete smazat

Restart PC a napiste jak na tom je

VIRY.CZ

Po spuštění se otevře "tento počítač"

Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"

Re: Po spuštění se otevře "tento počítač"