Please check my log
Posted: 31 May 2013 20:23
Hello,
A few days ago my notebook slowed down significantly; thank you for any advice.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16576
Run by Renata at 19:42:09 on 2013-05-31
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3055.1241 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\schtasks.exe
C:\Windows\system32\conhost.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\system32\dgdersvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
C:\Windows\system32\dmwu.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Renata\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\jmdp\stij.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Renata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Renata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Renata\AppData\Local\Google\Chrome\Application\chrome.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Renata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Users\Renata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=4E6176F1A142E774
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - <orphaned>
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
uURLSearchHooks: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - <orphaned>
mURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll
uRun: [KiesTrayAgent] <no file>
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [QLBController] c:\program files\hewlett-packard\hp hotkey support\QLBController.exe /start
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [HPWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe 120 c:\program files\hewlett-packard\hp wireless assistant\HPWA_Main.exe /hidden
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SpywareTerminatorShield] c:\program files\spyware terminator\SpywareTerminatorShield.exe
mRun: [SpywareTerminatorUpdater] c:\program files\spyware terminator\SpywareTerminatorUpdate.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{CF06E172-5E2A-4F07-88F2-80BB52F5C009} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{CF06E172-5E2A-4F07-88F2-80BB52F5C009}\64966656A64697E236A702E4144502A5 : DHCPNameServer = 88.81.64.1 88.81.92.1
TCP: Interfaces\{CF06E172-5E2A-4F07-88F2-80BB52F5C009}\94E6475627E65647 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{CF06E172-5E2A-4F07-88F2-80BB52F5C009}\A456A7572716 : DHCPNameServer = 10.10.21.1 88.81.64.1 88.81.92.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
AppInit_DLLs= c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\renata\appdata\roaming\mozilla\firefox\profiles\uzgpurg2.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=4E6176F1A142E774
FF - prefs.js: keyword.URL - hxxp://eu.ask.com/web?l=dis&o=APN10089&gct=kwd&qsrc=2869&apn_dtid=^PFM004^YY^CZ&apn_ptnrs=^A5F&apn_uid=1040175303404503&p2=^A5F^PFM004^YY^CZ&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\users\renata\appdata\local\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\users\renata\appdata\roaming\mozilla\firefox\profiles\uzgpurg2.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\plugins\np-mswmp.dll
FF - plugin: c:\users\renata\appdata\roaming\mozilla\firefox\profiles\uzgpurg2.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\users\renata\appdata\roaming\mozilla\firefox\profiles\uzgpurg2.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll
FF - plugin: c:\users\renata\appdata\roaming\mozilla\firefox\profiles\uzgpurg2.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - c02629a4-85cd-4f38-ba4b-bb84a0dd7db9
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube
.
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyKkjwo9M&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 4e614cce00000000000076f1a142e774
FF - user.js: extensions.incredibar_i.instlDay - 15559
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1419:22:44
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyKkjwo9M
FF - user.js: extensions.incredibar_i.upn2n - 92261890875400430
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10658
FF - user.js: extensions.incredibar_i.ppd -
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112059&tt=120812_bandext_3312_7
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 4e614cce00000000000076f1a142e774
FF - user.js: extensions.BabylonToolbar.instlDay - 15565
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.619:03:48
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R0 pe3aprwb;Simon the Sorcerer Environment Driver (pe3aprwb);c:\windows\system32\drivers\pe3aprwb.sys [2007-12-18 65160]
R0 ps7aprwb;Simon the Sorcerer Synchronization Driver (ps7aprwb);c:\windows\system32\drivers\ps7aprwb.sys [2007-12-18 68752]
R1 MpKsl6e81f310;MpKsl6e81f310;c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\MpKsl6e81f310.sys [2013-5-31 29904]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2013-5-23 32768]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2010-7-20 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-5-30 176128]
R2 BrowserProtect;BrowserProtect;c:\programdata\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-4-14 2569168]
R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-7-20 217088]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\hewlett-packard\hp wireless assistant\HPWA_Service.exe [2009-12-16 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2012-8-10 197536]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\hewlett-packard\hp hotkey support\hpHotkeyMonitor.exe [2010-1-4 264248]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
R2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe [2012-9-17 1156400]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2013-5-23 587912]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-7-20 2320920]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-7-20 29472]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-7-20 36640]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 pr2aprwb;Simon the Sorcerer Drivers Auto Removal (pr2aprwb);c:\windows\system32\pr2aprwb.exe svc --> c:\windows\system32\pr2aprwb.exe svc [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-7-20 181792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-7-20 257568]
S3 StorSvc;Služba úložiště;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-25 1343400]
SUnknown MpKsl7e86ebc7;MpKsl7e86ebc7; [x]
.
=============== Created Last 30 ================
.
2013-05-31 17:05:30 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\offreg.dll
2013-05-31 17:05:24 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\MpKsl6e81f310.sys
2013-05-31 16:39:17 -------- d-----w- c:\program files\CCleaner
2013-05-31 16:11:50 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\mpengine.dll
2013-05-30 18:32:48 86016 ----a-w- c:\windows\system32\AESTCom.dll
2013-05-30 18:32:48 61440 ----a-w- c:\windows\system32\aestaren.dll
2013-05-30 18:32:48 380928 ----a-w- c:\windows\system32\aestecap.dll
2013-05-30 18:32:48 140288 ----a-w- c:\windows\system32\aestacap.dll
2013-05-30 18:32:47 495708 ----a-w- c:\windows\sttray.exe
2013-05-30 18:32:47 1953792 ----a-w- c:\windows\system32\stlang.dll
2013-05-30 18:32:47 12705884 ----a-w- c:\windows\system32\idtcpl.cpl
2013-05-30 18:32:25 179712 ----a-w- c:\windows\system32\staco.dll
2013-05-30 15:26:32 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-05-23 20:32:37 -------- d-----w- c:\program files\Cisco
2013-05-23 18:44:38 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-05-23 18:44:22 -------- d-----w- c:\users\renata\appdata\roaming\Spyware Terminator
2013-05-23 18:44:22 -------- d-----w- c:\programdata\Spyware Terminator
2013-05-23 18:41:56 -------- d-----w- c:\program files\Spyware Terminator
2013-05-23 18:40:47 64000 ------w- c:\windows\system32\agrsmdel.exe
2013-05-23 18:40:47 14848 ------w- c:\windows\system32\agrsco64.dll
2013-05-23 18:40:10 -------- d-----w- c:\program files\LSI SoftModem
2013-05-23 18:38:41 64000 ----a-w- c:\windows\agrsmdel.exe
2013-05-23 18:38:41 13824 ------w- c:\windows\system32\agrscoin.dll
2013-05-23 18:38:41 1163328 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2013-05-23 18:24:19 -------- d-----w- c:\windows\Options
2013-05-23 18:23:49 93344 ----a-w- c:\windows\system32\athcfg11resloc.dll
2013-05-23 18:23:49 85152 ----a-w- c:\windows\system32\wgapiloc.dll
2013-05-23 18:23:49 64672 ----a-w- c:\windows\system32\athihvui.dll
2013-05-23 18:23:49 429312 ----a-w- c:\windows\system32\wgapi.dll
2013-05-23 18:23:49 400544 ----a-w- c:\windows\system32\athihvs.dll
2013-05-23 18:23:49 339200 ----a-w- c:\windows\system32\wcapiU.dll
2013-05-23 18:23:49 -------- d-----w- c:\windows\system32\nn-NO
2013-05-23 18:23:48 417000 ----a-w- c:\windows\system32\wcapi.dll
2013-05-23 18:23:48 314624 ----a-w- c:\windows\system32\athcfg20U.dll
2013-05-23 18:23:48 302312 ----a-w- c:\windows\system32\athcfg20.dll
2013-05-23 18:23:48 130312 ----a-w- c:\windows\system32\athcfg20resU.dll
2013-05-23 18:23:48 130288 ----a-w- c:\windows\system32\athcfg20res.dll
2013-05-21 13:43:12 724464 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{0ed7cf7e-acc7-4b87-9747-a1dc0e5babf3}\gapaengine.dll
2013-05-15 14:57:11 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 14:57:11 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 14:57:10 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 14:57:04 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 14:57:04 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 14:56:56 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 14:56:56 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 14:56:55 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-10 07:57:26 187456 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-05-30 18:28:25 431616 ----a-w- c:\windows\system32\drivers\stwrt.sys
2013-05-30 18:28:24 934912 ----a-w- c:\windows\system32\stapo.dll
2013-05-30 18:28:24 531968 ------w- c:\windows\system32\stapi32.dll
2013-05-30 18:28:24 405504 ----a-w- c:\windows\system32\stcplx.dll
2013-05-14 19:37:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-14 19:37:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-14 11:46:32 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-07 08:54:58 1156400 ----a-w- c:\windows\system32\dmwu.exe
2013-04-07 08:52:34 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-04-02 14:09:52 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe
.
============= FINISH: 20:35:28,80 ===============
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyKkjwo9M
FF - user.js: extensions.incredibar_i.upn2n - 92261890875400430
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10658
FF - user.js: extensions.incredibar_i.ppd -
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112059&tt=120812_bandext_3312_7
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 4e614cce00000000000076f1a142e774
FF - user.js: extensions.BabylonToolbar.instlDay - 15565
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.619:03:48
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R0 pe3aprwb;Simon the Sorcerer Environment Driver (pe3aprwb);c:\windows\system32\drivers\pe3aprwb.sys [2007-12-18 65160]
R0 ps7aprwb;Simon the Sorcerer Synchronization Driver (ps7aprwb);c:\windows\system32\drivers\ps7aprwb.sys [2007-12-18 68752]
R1 MpKsl6e81f310;MpKsl6e81f310;c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\MpKsl6e81f310.sys [2013-5-31 29904]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2013-5-23 32768]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2010-7-20 81920]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-5-30 176128]
R2 BrowserProtect;BrowserProtect;c:\programdata\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-4-14 2569168]
R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-7-20 217088]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\hewlett-packard\hp wireless assistant\HPWA_Service.exe [2009-12-16 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2012-8-10 197536]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\hewlett-packard\hp hotkey support\hpHotkeyMonitor.exe [2010-1-4 264248]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
R2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe [2012-9-17 1156400]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\spyware terminator\st_rsser.exe [2013-5-23 587912]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-7-20 2320920]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-7-20 29472]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-7-20 36640]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 pr2aprwb;Simon the Sorcerer Drivers Auto Removal (pr2aprwb);c:\windows\system32\pr2aprwb.exe svc --> c:\windows\system32\pr2aprwb.exe svc [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-7-20 181792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-7-20 257568]
S3 StorSvc;Služba úložiště;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-2 52224]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-25 1343400]
SUnknown MpKsl7e86ebc7;MpKsl7e86ebc7; [x]
.
=============== Created Last 30 ================
.
2013-05-31 17:05:30 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\offreg.dll
2013-05-31 17:05:24 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\MpKsl6e81f310.sys
2013-05-31 16:39:17 -------- d-----w- c:\program files\CCleaner
2013-05-31 16:11:50 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b0a5877f-0a07-4a76-a1cb-d5e8e1422882}\mpengine.dll
2013-05-30 18:32:48 86016 ----a-w- c:\windows\system32\AESTCom.dll
2013-05-30 18:32:48 61440 ----a-w- c:\windows\system32\aestaren.dll
2013-05-30 18:32:48 380928 ----a-w- c:\windows\system32\aestecap.dll
2013-05-30 18:32:48 140288 ----a-w- c:\windows\system32\aestacap.dll
2013-05-30 18:32:47 495708 ----a-w- c:\windows\sttray.exe
2013-05-30 18:32:47 1953792 ----a-w- c:\windows\system32\stlang.dll
2013-05-30 18:32:47 12705884 ----a-w- c:\windows\system32\idtcpl.cpl
2013-05-30 18:32:25 179712 ----a-w- c:\windows\system32\staco.dll
2013-05-30 15:26:32 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-05-23 20:32:37 -------- d-----w- c:\program files\Cisco
2013-05-23 18:44:38 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2013-05-23 18:44:22 -------- d-----w- c:\users\renata\appdata\roaming\Spyware Terminator
2013-05-23 18:44:22 -------- d-----w- c:\programdata\Spyware Terminator
2013-05-23 18:41:56 -------- d-----w- c:\program files\Spyware Terminator
2013-05-23 18:40:47 64000 ------w- c:\windows\system32\agrsmdel.exe
2013-05-23 18:40:47 14848 ------w- c:\windows\system32\agrsco64.dll
2013-05-23 18:40:10 -------- d-----w- c:\program files\LSI SoftModem
2013-05-23 18:38:41 64000 ----a-w- c:\windows\agrsmdel.exe
2013-05-23 18:38:41 13824 ------w- c:\windows\system32\agrscoin.dll
2013-05-23 18:38:41 1163328 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2013-05-23 18:24:19 -------- d-----w- c:\windows\Options
2013-05-23 18:23:49 93344 ----a-w- c:\windows\system32\athcfg11resloc.dll
2013-05-23 18:23:49 85152 ----a-w- c:\windows\system32\wgapiloc.dll
2013-05-23 18:23:49 64672 ----a-w- c:\windows\system32\athihvui.dll
2013-05-23 18:23:49 429312 ----a-w- c:\windows\system32\wgapi.dll
2013-05-23 18:23:49 400544 ----a-w- c:\windows\system32\athihvs.dll
2013-05-23 18:23:49 339200 ----a-w- c:\windows\system32\wcapiU.dll
2013-05-23 18:23:49 -------- d-----w- c:\windows\system32\nn-NO
2013-05-23 18:23:48 417000 ----a-w- c:\windows\system32\wcapi.dll
2013-05-23 18:23:48 314624 ----a-w- c:\windows\system32\athcfg20U.dll
2013-05-23 18:23:48 302312 ----a-w- c:\windows\system32\athcfg20.dll
2013-05-23 18:23:48 130312 ----a-w- c:\windows\system32\athcfg20resU.dll
2013-05-23 18:23:48 130288 ----a-w- c:\windows\system32\athcfg20res.dll
2013-05-21 13:43:12 724464 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{0ed7cf7e-acc7-4b87-9747-a1dc0e5babf3}\gapaengine.dll
2013-05-15 14:57:11 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 14:57:11 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 14:57:10 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 14:57:04 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 14:57:04 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 14:56:56 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 14:56:56 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 14:56:55 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-10 07:57:26 187456 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-05-30 18:28:25 431616 ----a-w- c:\windows\system32\drivers\stwrt.sys
2013-05-30 18:28:24 934912 ----a-w- c:\windows\system32\stapo.dll
2013-05-30 18:28:24 531968 ------w- c:\windows\system32\stapi32.dll
2013-05-30 18:28:24 405504 ----a-w- c:\windows\system32\stcplx.dll
2013-05-14 19:37:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-14 19:37:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-14 11:46:32 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-07 08:54:58 1156400 ----a-w- c:\windows\system32\dmwu.exe
2013-04-07 08:52:34 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-04-02 14:09:52 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe
.
============= FINISH: 20:35:28,80 ===============