VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrejka a Tomáš at 2013-02-02 15:38:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 169 GB (76%) free of 223 GB
Total RAM: 5886 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:38:44, on 2.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\Andrejka a Tomáš.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7216 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 5122480
\??\C:\Windows\system32\conhost.exe "-1131600657163561669-1124222983-85373029-1074007448-369466954-1294494893-1093325315
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2296
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Andrejka a Tomáš
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000668
\??\C:\Windows\system32\conhost.exe "1245547646-684912734768780217205250478020622132741496971253-1052726111966856461
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe"
"C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3597021740-638433563-444320614-10019_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3597021740-638433563-444320614-10019 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\Andrejka a Tomáš\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-09 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-15 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-12-21 1521952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-15 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-12-21 1521952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\"C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-12-21 1574176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-08-20 487562]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Andrejka a Tomáš\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-19 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-09 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher]
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2011-08-01 165184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-02-26 3177120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-23 10775072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-07 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-15 2095400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-11-09 296096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk]
C:\PROGRA~2\BINARY~1\HDDLIF~1\HDDLIF~1.EXE [2012-12-11 4392784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tomáš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE [2012-08-15 10300416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe"="C:\Users\Andrejka a Tomáš\6438640620394286720310355\winsvc.exe:*:Enabled:Microsoft Windows Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-02-02 15:38:40 ----D---- C:\rsit
2013-02-02 11:09:42 ----D---- C:\Program Files (x86)\Ask.com
2013-01-31 22:58:03 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\BinarySense
2013-01-31 22:57:58 ----D---- C:\ProgramData\Licenses
2013-01-31 22:57:57 ----AD---- C:\ProgramData\TEMP
2013-01-31 22:57:53 ----D---- C:\Program Files (x86)\BinarySense
2013-01-31 20:45:36 ----SHD---- C:\$RECYCLE.BIN
2013-01-30 22:44:22 ----D---- C:\Windows\temp
2013-01-30 22:31:38 ----D---- C:\Windows\erdnt
2013-01-30 21:17:48 ----A---- C:\AdwCleaner[S1].txt
2013-01-30 21:17:35 ----A---- C:\AdwCleaner[R3].txt
2013-01-30 21:16:59 ----A---- C:\AdwCleaner[R2].txt
2013-01-30 21:00:25 ----A---- C:\AdwCleaner[R1].txt
2013-01-30 17:41:17 ----D---- C:\Program Files\trend micro
2013-01-29 18:31:53 ----D---- C:\ProgramData\Local Settings
2013-01-23 21:45:24 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\Reallusion
2013-01-15 17:48:28 ----A---- C:\Windows\system32\mshtml.dll
2013-01-15 17:48:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-01-10 08:29:42 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-10 08:29:42 ----A---- C:\Windows\system32\win32spl.dll
2013-01-10 08:29:32 ----A---- C:\Windows\system32\msxml6.dll
2013-01-10 08:29:31 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-10 08:29:31 ----A---- C:\Windows\system32\msxml3.dll
2013-01-10 08:29:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-10 08:29:23 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-10 08:29:23 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-10 08:29:23 ----A---- C:\Windows\system32\Wpc.dll
2013-01-10 08:29:23 ----A---- C:\Windows\system32\gameux.dll
2013-01-10 08:29:13 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-10 08:29:13 ----A---- C:\Windows\system32\usp10.dll
2013-01-10 08:29:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-10 08:29:12 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-10 08:28:48 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-10 08:28:47 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-10 08:28:46 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-10 08:28:46 ----A---- C:\Windows\system32\wow64win.dll
2013-01-10 08:28:46 ----A---- C:\Windows\system32\kernel32.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:28:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:28:45 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-10 08:28:45 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\wow64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\winsrv.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-10 08:28:45 ----A---- C:\Windows\system32\conhost.exe
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:28:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:28:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-10 08:28:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-10 08:28:43 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-10 08:28:28 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 08:28:27 ----A---- C:\Windows\system32\win32k.sys
2013-01-05 18:30:48 ----A---- C:\Windows\binkw32.dll
2013-01-05 17:44:59 ----D---- C:\Program Files\Infogrames Interactive
2013-01-05 17:32:57 ----D---- C:\Program Files (x86)\Firaxis

======List of files/folders modified in the last 1 months======

2013-02-02 14:32:37 ----SHD---- C:\System Volume Information
2013-02-02 13:46:46 ----D---- C:\Windows\System32
2013-02-02 13:46:46 ----D---- C:\Windows\inf
2013-02-02 13:46:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-02 13:46:06 ----D---- C:\Windows
2013-02-02 11:33:58 ----D---- C:\Windows\system32\config
2013-02-02 11:16:56 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2013-02-02 11:13:18 ----D---- C:\Windows\pss
2013-02-02 11:10:19 ----D---- C:\Windows\system32\catroot
2013-02-02 11:09:55 ----D---- C:\ProgramData\Avira
2013-02-02 11:09:50 ----SHD---- C:\Windows\Installer
2013-02-02 11:09:48 ----D---- C:\Windows\system32\Tasks
2013-02-02 11:09:42 ----RD---- C:\Program Files (x86)
2013-02-02 11:07:46 ----D---- C:\Windows\SoftwareDistribution
2013-02-02 11:00:57 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\Skype
2013-01-31 22:57:58 ----D---- C:\ProgramData
2013-01-31 22:57:53 ----D---- C:\Program Files (x86)\Common Files
2013-01-31 20:44:45 ----D---- C:\Windows\system32\drivers
2013-01-31 17:13:37 ----D---- C:\Windows\SysWOW64
2013-01-30 22:43:05 ----D---- C:\Windows\Tasks
2013-01-30 22:41:23 ----A---- C:\Windows\system.ini
2013-01-30 22:41:17 ----D---- C:\Windows\system32\drivers\etc
2013-01-30 22:37:46 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-30 22:37:46 ----D---- C:\Windows\AppPatch
2013-01-30 21:17:57 ----D---- C:\Users\Andrejka a Tomáš\AppData\Roaming\SoftGrid Client
2013-01-30 17:41:17 ----RD---- C:\Program Files
2013-01-30 17:32:48 ----D---- C:\Windows\debug
2013-01-29 18:34:31 ----SHD---- C:\Users\Andrejka a Tomáš\AppData\Roaming\159ACF
2013-01-29 17:42:05 ----D---- C:\Windows\Prefetch
2013-01-23 21:45:24 ----D---- C:\ProgramData\Creative
2013-01-19 19:19:18 ----D---- C:\Windows\winsxs
2013-01-19 12:50:22 ----D---- C:\Windows\rescache
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe
2013-01-15 19:53:26 ----D---- C:\Windows\Microsoft.NET
2013-01-15 19:52:49 ----RSD---- C:\Windows\assembly
2013-01-15 17:44:36 ----D---- C:\Windows\system32\catroot2
2013-01-14 22:11:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-14 22:11:41 ----D---- C:\Windows\system32\cs-CZ
2013-01-12 09:45:37 ----A---- C:\Windows\system32\MRT.exe
2013-01-05 18:34:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-07-18 132832]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-07-18 98848]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-06 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-06 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-08 123408]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-03-23 3060800]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-23 2356000]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-15 319536]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-04 34872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ALSysIO;ALSysIO; \??\C:\Users\ANDREJ~1\AppData\Local\Temp\ALSysIO64.sys []
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2010-08-02 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2010-08-02 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2010-08-02 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2010-08-02 33792]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-04-29 340520]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-04-29 102440]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-04-29 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-04-29 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-04-29 21544]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 QWARQNet;Qwarq Virtual Miniport; C:\Windows\system32\DRIVERS\QWARQNet.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 127488]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 128512]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 18944]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 161280]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 128512]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-06 202752]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-07-18 465360]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-04-29 944928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [2012-12-11 1840976]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-10 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Vzdyt jste tu byl pred dvema dny se stejnym pc Prevence je sice potreba, ale nemusi to byt kazdy druhy den Je s tim pc nejaky novy problem?

Mám pomalejší internet. Když pustím bluetooth adaptér tak se v procesech spouští pořád proces bluetooth. (každých 5s se spustí nový) Měl jsem to napsat, omlouvám se. Platí ten adwcleaner nebo jiný postup? Log byl čistý?

Vypozoroval jsem, že ten proces se spouští když si pustím skype. Jakmile ho pustím každých pět minut se objeví nový. Jakmile skype vypnu přestane to. Snažím se příjít na to jak sem dát sreen.

edit: už jsem na to přišel.

Postup samozrejme plati. Nerekl jsem, ze je log cisty. Jen jsem z vas chtel dostat nejake info. Kdyz je to v preventivkach bez udani problemu, nepatra se tak dukladne, jako kdyz se s pc neco deje. Takhle kdyz vim ze je problem, vyzadam si treba i dalsi logy, protoze RSIT neukaze vse.

No vyšel jsem z toho, že mi vlastně ten počítač normálně funguje tak jsem vlezl jsem abych nezdržoval ve vlákně, kde mají lidi opravdu problém, který jim znemožnuje na pc cokoliv udělat. Já jsem v klidu a nespěchám, prostě nepouští skype a bluetooth zároveň a internet má pořád 20mbit místo 30ti takže jsem nechtěl bejt rozmazlenej, ale příště to určitě napíšu rovnou.

log:
# AdwCleaner v2.109 - Logfile created 02/03/2013 at 10:18:09
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Andrejka a Tomáš - TOMAS
# Boot Mode : Normal
# Running from : C:\Users\Andrejka a Tomáš\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\searchplugins\Askcom.xml
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Users\ANDREJ~1\AppData\Local\Temp\AskSearch
Folder Found : C:\Users\Andrejka a Tomáš\AppData\Local\APN
Folder Found : C:\Users\Andrejka a Tomáš\AppData\Local\Babylon
Folder Found : C:\Users\Andrejka a Tomáš\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\extensions\toolbar@ask.com
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\prefs.js

Found : user_pref("browser.search.selectedEngine", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&loc[...]
Found : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12568 octets] - [30/01/2013 21:00:25]
AdwCleaner[R2].txt - [12629 octets] - [30/01/2013 21:16:59]
AdwCleaner[R3].txt - [12690 octets] - [30/01/2013 21:17:35]
AdwCleaner[R4].txt - [4653 octets] - [03/02/2013 10:18:09]
AdwCleaner[S1].txt - [12956 octets] - [30/01/2013 21:17:48]

########## EOF - C:\AdwCleaner[R4].txt - [4774 octets] ##########

OK

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Delete
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.

zde:
antivir zahlásil, že je vypnutá nějaká webová ochrana a že mám zpět naistalovat nějaký toolbar, který zmizel. Když se podívám, tak píše že web protection je aktivní. Takže ten toolbar, je asi zbytečnost, že?

# AdwCleaner v2.109 - Logfile created 02/03/2013 at 10:30:41
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Andrejka a Tomáš - TOMAS
# Boot Mode : Normal
# Running from : C:\Users\Andrejka a Tomáš\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\searchplugins\Askcom.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Users\ANDREJ~1\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Andrejka a Tomáš\AppData\Local\APN
Folder Deleted : C:\Users\Andrejka a Tomáš\AppData\Local\Babylon
Folder Deleted : C:\Users\Andrejka a Tomáš\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Ask.com.tmp
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\prefs.js

Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10401&loc[...]
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12568 octets] - [30/01/2013 21:00:25]
AdwCleaner[R2].txt - [12629 octets] - [30/01/2013 21:16:59]
AdwCleaner[R3].txt - [12690 octets] - [30/01/2013 21:17:35]
AdwCleaner[R4].txt - [4833 octets] - [03/02/2013 10:18:09]
AdwCleaner[R5].txt - [4893 octets] - [03/02/2013 10:30:31]
AdwCleaner[S1].txt - [12956 octets] - [30/01/2013 21:17:48]
AdwCleaner[S2].txt - [4922 octets] - [03/02/2013 10:30:41]

########## EOF - C:\AdwCleaner[S2].txt - [4982 octets] ##########

A internet skočil na 30mbit rychlost. Bluetooth přetrvává.

Nejen ze je ten toolbar zbytecnost, ale navic je to velka brzda, az skoro havet.


Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Nechávám zapnuté a čekám jestli budeme něco mazat

RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Andrejka a Tomáš [Práva správce]
Mód : Kontrola -- Datum : 02/03/2013 10:43:32
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2565GSX ATA Device +++++
--- User ---
[MBR] e91f5e7fc35c44c01e94c21632cb6fea
[BSP] 6a2664e4387552efbef110e201525abe : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_02032013_02d1043.txt >>
RKreport[1]_S_02032013_02d1043.txt

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Andrejka a Tomáš [Práva správce]
Mód : Odebrat -- Datum : 02/03/2013 10:55:46
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2565GSX ATA Device +++++
--- User ---
[MBR] e91f5e7fc35c44c01e94c21632cb6fea
[BSP] 6a2664e4387552efbef110e201525abe : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_02032013_02d1055.txt >>
RKreport[1]_S_02032013_02d1043.txt ; RKreport[2]_D_02032013_02d1055.txt

a druhý log
RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Andrejka a Tomáš [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/03/2013 10:56:10
| ARK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončeno : << RKreport[3]_H_02032013_02d1056.txt >>
RKreport[1]_S_02032013_02d1043.txt ; RKreport[2]_D_02032013_02d1055.txt ; RKreport[3]_H_02032013_02d1056.txt