Zdravim,
ak by to bolo mozne, mohli by ste sa prosim pozriet tentokrat na moj laptop, samotny windows bootuje rychlo, no dost dlho mu to trva po nalogovani sa do systemu, inak ide vsetko OK.
Logfile of random's system information tool 1.09 (written by random/random)
Run by karol at 2013-07-23 22:06:05
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 57 GB (12%) free of 464 GB
Total RAM: 8103 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:16, on 23. 7. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Windows\SysWOW64\rundll32.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\karol.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\karol\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CF7316B-85F7-4A2C-88E2-93B604A557EA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{22C0C663-FD93-41FE-B338-E92AB95A25AD}: NameServer = 10.206.65.68 10.206.65.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{3524FD63-32B3-43FB-9A82-91801E0EFB3C}: NameServer = 10.206.65.68 10.206.65.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{539C0E1C-D675-4BE6-980C-79CB14BAB419}: NameServer = 88.82.13.44 88.82.13.44
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3482861-DD81-48FE-9EBD-28976F0A4AAD}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Screen Reading Optimizer Service Program (SROSVC) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 16123 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a54a523c-a561-4508-9554-8ec0d10e5c15 -SystemEventPortName:HostProcess-80dbd189-8538-4e76-8194-912c1459ca3e -IoCancelEventPortName:HostProcess-b71897f4-afd2-492c-ac22-507f6b5410d6 -NonStateChangingEventPortName:HostProcess-6ca8959a-11fb-475e-8353-7fa31ebbbedc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:df51950e-3496-407c-ba7b-5a391565e5ad -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\system32\WLANExt.exe 27390656
\??\C:\Windows\system32\conhost.exe "-1539138917-1018980282748832837-15117656031422816241-14462616-16260360501435279091
C:\Windows\System32\spoolsv.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3200
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6e32b21e-5d7e-48e7-87d8-416557551853 -SystemEventPortName:HostProcess-9e55a086-24cf-4137-a909-91c799a52789 -IoCancelEventPortName:HostProcess-c3761ab6-563b-496b-a59f-50cdc7fbde06 -NonStateChangingEventPortName:HostProcess-557f7349-91b3-4221-9ac3-b12f3c966708 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a8a408f9-7bb0-40c4-a0f0-9fc47966e115 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
atieclxx
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
taskeng.exe {96738B21-E8F3-416D-B303-871C74C8B4F6}
"taskhost.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version7\TeamViewer7_Logfile.log
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" -EMBEDDING
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe" -Embedding
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe"
"C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
taskeng.exe {169687D7-2FEC-4C05-AF26-5AE65C6A363E}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\karol\Downloads\RSITx64(2).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212182777-1079031378-3419217657-1004UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
=========Mozilla firefox=========
ProfilePath - C:\Users\karol\AppData\Roaming\Mozilla\Firefox\Profiles\pr4u9n61.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll
C:\Users\karol\AppData\Roaming\Mozilla\Firefox\Profiles\pr4u9n61.default\extensions\
firefox@ghostery.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-22 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-22 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"TpShocks"=C:\Windows\SYSTEM32\TpShocks.exe [2011-03-29 380776]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-12-23 2868496]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2011-04-26 310912]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2011-01-27 41320]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"ALCKRESI.EXE"=C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [2011-07-13 281960]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2012-09-07 63376]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\karol\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-18 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^karol^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-09 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"Ad-Aware Antivirus"=C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run []
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2011-10-21 198032]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\SYSTEM32\igfxdev.dll [2011-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2013-07-23 00:52:13 ----D---- C:\Program Files\Defraggler
2013-07-20 00:54:41 ----D---- C:\Windows\system32\MRT
2013-07-12 21:51:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-07-12 21:51:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-07-12 21:51:23 ----A---- C:\Windows\system32\mshtmled.dll
2013-07-12 21:51:21 ----A---- C:\Windows\SYSWOW64\url.dll
2013-07-12 21:51:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-07-12 21:51:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-12 21:51:21 ----A---- C:\Windows\system32\ieUnatt.exe
2013-07-12 21:51:21 ----A---- C:\Windows\system32\ieui.dll
2013-07-12 21:51:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-12 21:51:20 ----A---- C:\Windows\system32\wininet.dll
2013-07-12 21:51:20 ----A---- C:\Windows\system32\url.dll
2013-07-12 21:51:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-12 21:51:19 ----A---- C:\Windows\system32\urlmon.dll
2013-07-12 21:51:19 ----A---- C:\Windows\system32\jscript9.dll
2013-07-12 21:51:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-12 21:51:18 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-12 21:51:18 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-12 21:51:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-12 21:51:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-12 21:51:17 ----A---- C:\Windows\system32\vbscript.dll
2013-07-12 21:51:17 ----A---- C:\Windows\system32\jscript.dll
2013-07-12 21:51:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-12 21:51:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-12 21:51:16 ----A---- C:\Windows\system32\iertutil.dll
2013-07-12 21:51:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-12 21:51:12 ----A---- C:\Windows\system32\mshtml.dll
2013-07-12 21:51:12 ----A---- C:\Windows\system32\ieframe.dll
2013-07-12 21:51:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 23:23:57 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 23:23:56 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 23:23:56 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 23:23:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 23:23:45 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 23:23:32 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-11 23:23:32 ----A---- C:\Windows\system32\DWrite.dll
2013-07-03 23:58:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-06-22 14:24:48 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-22 14:24:43 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-18 21:50:08 ----A---- C:\Windows\system32\drivers\MpFilter.sys
2013-06-14 20:53:50 ----D---- C:\Program Files (x86)\Bluetooth Software Update Tool
2013-06-12 23:56:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 23:56:17 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 23:56:17 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 23:55:57 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 23:55:57 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 23:55:47 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 23:55:47 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 23:55:46 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 23:55:45 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 23:55:45 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 23:55:45 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 23:55:45 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 23:55:45 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 23:55:45 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 23:55:45 ----A---- C:\Windows\system32\certenc.dll
2013-06-08 22:48:43 ----D---- C:\ldiag
2013-06-08 21:56:36 ----HD---- C:\Windows\system32\WLANProfiles
2013-06-08 21:55:32 ----D---- C:\Program Files (x86)\Cisco
2013-06-08 21:55:28 ----D---- C:\ProgramData\Intel.sav
2013-06-08 21:53:19 ----D---- C:\ProgramData\Package Cache
2013-06-08 21:49:06 ----D---- C:\Program Files\Common Files\SPBA
2013-06-06 21:57:30 ----HD---- C:\A
2013-06-01 18:42:29 ----D---- C:\Users\karol\AppData\Roaming\TS3Client
2013-06-01 18:41:21 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-05-24 20:33:43 ----D---- C:\Users\karol\AppData\Roaming\Notepad++
2013-05-24 20:29:44 ----D---- C:\rsit
2013-05-24 20:29:44 ----D---- C:\Program Files\trend micro
2013-05-17 01:01:38 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-17 01:01:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-17 01:01:38 ----A---- C:\Windows\system32\cdd.dll
2013-05-17 01:01:09 ----A---- C:\Windows\system32\shell32.dll
2013-05-17 01:01:08 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-17 01:01:08 ----A---- C:\Windows\system32\authui.dll
2013-05-17 01:01:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-17 01:01:05 ----A---- C:\Windows\system32\consent.exe
2013-05-17 01:00:45 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-17 01:00:44 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-17 01:00:44 ----A---- C:\Windows\system32\appinfo.dll
2013-05-17 01:00:23 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-17 01:00:23 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-04-24 00:11:48 ----A---- C:\Windows\system32\drivers\ntfs.sys
======List of files/folders modified in the last 3 months======
2013-07-23 22:06:16 ----D---- C:\Windows\Prefetch
2013-07-23 22:05:52 ----D---- C:\Windows\Temp
2013-07-23 01:02:14 ----D---- C:\Windows\system32\config
2013-07-23 00:52:13 ----D---- C:\Program Files
2013-07-23 00:50:13 ----SHD---- C:\System Volume Information
2013-07-23 00:45:13 ----A---- C:\Windows\SYSWOW64\log.txt
2013-07-20 23:32:57 ----D---- C:\Users\karol\AppData\Roaming\Adobe
2013-07-20 01:16:35 ----D---- C:\Windows\system32\catroot
2013-07-20 01:15:41 ----SHD---- C:\Windows\Installer
2013-07-20 01:15:41 ----D---- C:\Program Files\Microsoft Security Client
2013-07-20 01:15:40 ----SHD---- C:\Config.Msi
2013-07-20 01:15:29 ----D---- C:\Windows\system32\drivers
2013-07-20 01:15:29 ----AD---- C:\Windows
2013-07-20 01:15:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-20 00:58:31 ----D---- C:\Windows\System32
2013-07-19 23:49:10 ----D---- C:\Program Files\Adobe
2013-07-19 23:40:06 ----D---- C:\temp
2013-07-19 23:08:12 ----D---- C:\Windows\Microsoft.NET
2013-07-19 23:08:11 ----RSD---- C:\Windows\assembly
2013-07-13 19:22:25 ----RD---- C:\Program Files (x86)
2013-07-13 19:13:38 ----D---- C:\Windows\winsxs
2013-07-13 19:12:06 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-13 19:12:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-13 00:52:54 ----D---- C:\Windows\SYSWOW64\migration
2013-07-13 00:52:54 ----D---- C:\Windows\SysWOW64
2013-07-13 00:52:54 ----D---- C:\Program Files\Windows Defender
2013-07-13 00:52:54 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-13 00:52:54 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-13 00:52:53 ----D---- C:\Windows\system32\migration
2013-07-13 00:52:53 ----D---- C:\Program Files\Windows Journal
2013-07-13 00:52:53 ----D---- C:\Program Files\Internet Explorer
2013-07-13 00:27:01 ----D---- C:\Users\karol\AppData\Roaming\vlc
2013-07-13 00:21:54 ----D---- C:\Windows\inf
2013-07-13 00:21:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-12 21:53:16 ----D---- C:\ProgramData\Microsoft Help
2013-07-12 21:51:58 ----D---- C:\Windows\system32\catroot2
2013-07-12 21:41:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-11 23:24:34 ----D---- C:\Users\karol\AppData\Roaming\Mozilla
2013-07-10 21:18:44 ----D---- C:\Program Files (x86)\Sony Ericsson
2013-07-06 21:33:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-25 10:21:10 ----D---- C:\Windows\rescache
2013-06-24 00:57:12 ----A---- C:\Windows\system32\MRT.exe
2013-06-24 00:13:13 ----D---- C:\Windows\system32\wdi
2013-06-23 01:45:00 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-22 14:24:35 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-22 14:24:35 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-22 14:24:35 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-22 14:24:34 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-22 14:24:32 ----D---- C:\Program Files (x86)\Java
2013-06-22 11:52:23 ----D---- C:\ProgramData\Sony Ericsson
2013-06-14 00:32:28 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-14 00:32:28 ----D---- C:\Windows\system32\en-US
2013-06-08 23:06:54 ----D---- C:\video
2013-06-08 22:40:40 ----D---- C:\Program Files\Lenovo
2013-06-08 22:38:48 ----D---- C:\Windows\Downloaded Installations
2013-06-08 22:06:00 ----D---- C:\Windows\system32\drivers\UMDF
2013-06-08 22:06:00 ----D---- C:\Program Files\ThinkVantage Fingerprint Software
2013-06-08 21:57:45 ----D---- C:\Program Files\Common Files\Lenovo
2013-06-08 21:56:53 ----D---- C:\Windows\system32\DriverStore
2013-06-08 21:56:44 ----D---- C:\Program Files\Intel
2013-06-08 21:55:32 ----D---- C:\Program Files (x86)\Intel
2013-06-08 21:55:28 ----HD---- C:\ProgramData
2013-06-08 21:54:32 ----D---- C:\ProgramData\Intel
2013-06-08 21:49:20 ----D---- C:\Windows\system32\WinBioPlugIns
2013-06-08 21:49:06 ----D---- C:\Program Files\Common Files
2013-05-18 00:36:40 ----D---- C:\Windows\AppPatch
2013-05-17 23:39:59 ----D---- C:\Users\karol\AppData\Roaming\Lenovo
2013-05-02 17:29:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-27 19:50:36 ----D---- C:\Program Files (x86)\Lenovo
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2012-02-01 31872]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2011-03-29 139888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-08 530488]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2011-03-29 23664]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2011-07-08 32104]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2012-01-23 14960]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
R2 sbapifs;sbapifs; C:\Windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 10857984]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 328704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-02-13 163808]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-03-24 85504]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2012-12-05 42824]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-12-13 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-04-19 25528]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-02-05 11518976]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-27 40248]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-12-23 412432]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-30 40248]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-02-13 163808]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-10-17 437288]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-10-17 146984]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2011-10-17 164392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-10-17 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-10-17 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-03-24 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-03-24 13952]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-10-14 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-10-14 27176]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-03-24 94208]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-03-24 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-03-24 196608]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-04-19 35256]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [2011-06-27 25584]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2013-01-29 50800]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [2009-08-08 23112]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-12-19 60536]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2012-09-07 133008]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2012-09-07 272272]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-02-13 770528]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-10-17 970016]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2012-12-05 60272]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2011-01-27 40808]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2012-08-24 127072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-01-27 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-02-08 70136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 SROSVC;Screen Reading Optimizer Service Program; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2012-03-05 446800]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2010-08-31 1028096]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2012-12-18 127120]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2012-12-04 125504]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [2011-08-18 1492280]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03 136176]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-11-18 144448]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-01-08 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-01-23 89152]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-01-23 175168]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [2008-09-19 93848]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2013-04-11 22376]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2011-03-29 47728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Ad-Aware Service;Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-07-12 1239952]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SBAMSvc;Ad-Aware; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomaly nabiehajuce Win7 po log-in-e
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomaly nabiehajuce Win7 po log-in-e
Zdravím. 
Vydrž minutku, na logu se intenzivně pracuje.
Vydrž minutku, na logu se intenzivně pracuje.
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomaly nabiehajuce Win7 po log-in-e
Tak jako první chybu vidím dva antiviry - MSC a Ad-Aware Antivirus. Jeden musí pryč, jinak Ti bude systém kolabovat a může dojít i k nepředvídaným pádům do BSOD. Osobně bych odpálil ten Ad-Aware Antivirus i s Ad-Aware Browsing Protection, prostě všechno od něj. Takže jej jako první krok odinstaluj.
Potom, pokud jsi tak ještě neučinil, odinstaluj také Bing Bar - zpomaluje. Dále aktualizuj MS Internet Explorer na poslední verzi. I když používáš prohlížeč Mozilla Firefox, aktualizace řeší spoustu problémů i v systému samotném. Teprve potom, až to všechno provedeš, tak stáhni Junkware Removal Tool - http://thisisudax.org/downloads/JRT.exe
- Ulož jej nejlépe na Plochu.
- Po spuštění se zobrazí licenční podmínky, stiskni libovolnou klávesu.
- Proběhne vytvoření zálohy a následně prohledávání.
- Proběhne scanováni a pak se objeví log, který bude případně uložen v C:\JRT jako JRT.txt, ten mi sem vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomaly nabiehajuce Win7 po log-in-e
adware odinstalovany, bing bar tiez, IE updatovane na v10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 7 Professional x64
Ran by karol on st 24. 07. 2013 at 22:19:49,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Empty Folder] C:\Users\karol\appdata\local\{9AF2BAF6-766A-444D-B3E4-5F9113067D65}
~~~ FireFox
Emptied folder: C:\Users\karol\AppData\Roaming\mozilla\firefox\profiles\pr4u9n61.default\minidumps [95 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 24. 07. 2013 at 22:26:37,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 7 Professional x64
Ran by karol on st 24. 07. 2013 at 22:19:49,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\ilividsetupv1_rasmancs
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Empty Folder] C:\Users\karol\appdata\local\{9AF2BAF6-766A-444D-B3E4-5F9113067D65}
~~~ FireFox
Emptied folder: C:\Users\karol\AppData\Roaming\mozilla\firefox\profiles\pr4u9n61.default\minidumps [95 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 24. 07. 2013 at 22:26:37,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomaly nabiehajuce Win7 po log-in-e
Dobrá práce.yozefb píše:adware odinstalovany, bing bar tiez, IE updatovane na v10
Tak teď stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulož jej nejlépe na Plochu.
- Ukonči všechny programy!!
- Spusť AdwCleaner.
- Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Klikni na [Delete].
- Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako C:\AdwCleaner [S1].txt - jeho obsah mi sem vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomaly nabiehajuce Win7 po log-in-e
# AdwCleaner v2.306 - Logfile created 07/25/2013 at 18:41:08
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : karol - THINK
# Boot Mode : Normal
# Running from : C:\Users\karol\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Michaela\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\Michaela\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Local\Conduit
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Local\TempDir
Folder Deleted : C:\Users\Jozef&Michaela\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\ConduitCommon
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\CT1060933
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Michaela\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\gcsu1el3.default\extensions\staged
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (en-US)
File : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\prefs.js
Deleted : user_pref("CT1060933..clientLogIsEnabled", false);
Deleted : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1060933.CTID", "ct1060933");
Deleted : user_pref("CT1060933.CurrentServerDate", "24-9-2011");
Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Daylight T[...]
Deleted : user_pref("CT1060933.DownloadReferralCookieData", "");
Deleted : user_pref("CT1060933.FirstServerDate", "24-9-2011");
Deleted : user_pref("CT1060933.FirstTime", true);
Deleted : user_pref("CT1060933.FirstTimeFF3", true);
Deleted : user_pref("CT1060933.FixPageNotFoundErrors", true);
Deleted : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1060933.HasUserGlobalKeys", true);
Deleted : user_pref("CT1060933.Initialize", true);
Deleted : user_pref("CT1060933.InitializeCommonPrefs", true);
Deleted : user_pref("CT1060933.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT1060933.InstallationId", "ConduitStubGeneric");
Deleted : user_pref("CT1060933.InstallationType", "ConduitStubIntegration");
Deleted : user_pref("CT1060933.InstalledDate", "Sat Sep 24 2011 11:16:17 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.IsGrouping", false);
Deleted : user_pref("CT1060933.IsInitSetupIni", true);
Deleted : user_pref("CT1060933.IsMulticommunity", false);
Deleted : user_pref("CT1060933.IsOpenThankYouPage", false);
Deleted : user_pref("CT1060933.IsOpenUninstallPage", true);
Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Daylight Ti[...]
Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1060933.LastLogin_3.6.0.10", "Sat Sep 24 2011 11:16:19 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT1060933.LatestVersion", "3.6.0.10");
Deleted : user_pref("CT1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1060933.MCDetectTooltipShow", false);
Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT1060933.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT1060933.RadioIsPodcast", false);
Deleted : user_pref("CT1060933.RadioLastCheckTime", "Sat Sep 24 2011 11:16:20 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT1060933.RadioMediaID", "21504191");
Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");
Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
Deleted : user_pref("CT1060933.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT1060933.RadioStationName", "KFOG");
Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");
Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sat Sep 24 2011 11:16:18 GMT+0100 (GMT Daylight [...]
Deleted : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1060933.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT1060933.ServiceMapLastCheckTime", "Sat Sep 24 2011 11:16:14 GMT+0100 (GMT Daylight Time[...]
Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Sat Sep 24 2011 11:16:14 GMT+0100 (GMT Daylight Time)"[...]
Deleted : user_pref("CT1060933.SettingsLastUpdate", "1314078198");
Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sat Sep 24 2011 11:16:14 GMT+0100 (GMT Dayligh[...]
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT1060933.ToolbarDisabled", true);
Deleted : user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");
Deleted : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT1060933.UserID", "UN69303108788211943");
Deleted : user_pref("CT1060933.alertChannelId", "15651");
Deleted : user_pref("CT1060933.approveUntrustedApps", false);
Deleted : user_pref("CT1060933.components.1000082", false);
Deleted : user_pref("CT1060933.ct1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.ct1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.ct1060933.LanguagePackLastCheckTime", "Sat Sep 24 2011 11:16:31 GMT+0100 (GMT D[...]
Deleted : user_pref("CT1060933.ct1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.ct1060933.RadioLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Daylight[...]
Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateServer", "129326918102570000");
Deleted : user_pref("CT1060933.ct1060933.SearchInNewTabLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT[...]
Deleted : user_pref("CT1060933.ct1060933.SettingsLastCheckTime", "Sat Sep 24 2011 11:16:17 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT1060933.ct1060933.SettingsLastUpdate", "1314078198");
Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastCheck", "Sat Sep 24 2011 11:16:17 GMT+0100 (G[...]
Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT1060933.ct1060933.globalFirstTimeInfoLastCheckTime", "Sat Sep 24 2011 11:16:19 GMT+0100[...]
Deleted : user_pref("CT1060933.ct1060933.toolbarAppMetaDataLastCheckTime", "Sat Sep 24 2011 11:16:19 GMT+0100 [...]
Deleted : user_pref("CT1060933.ct1060933.toolbarContextMenuLastCheckTime", "Sat Sep 24 2011 11:16:31 GMT+0100 [...]
Deleted : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sat Sep 24 2011 11:16:18 GMT+0100 (GMT Dayl[...]
Deleted : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT1060933.initDone", true);
Deleted : user_pref("CT1060933.isAppTrackingManagerOn", true);
Deleted : user_pref("CT1060933.isFirstRadioInstallation", false);
Deleted : user_pref("CT1060933.myStuffEnabled", true);
Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT1060933.testingCtid", "");
Deleted : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sat Sep 24 2011 11:16:17 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT1060933.usagesFlag", 1);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/UK", "\"0\"");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct1060933&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jozef&Michaela\\AppData\\Roaming\\M[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
Deleted : user_pref("CommunityToolbar.globalUserId", "cf0ad525-fcce-4817-b68c-eda99fc20f34");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Sep 24 2011 11:16:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Sep 24 2011 11:16:27 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Sep 24 2011 11:16:15 GMT+0100 (G[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "9eadebb7-31de-4e60-bfaf-05e08c03b56f");
File : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\gcsu1el3.default\prefs.js
[OK] File is clean.
File : C:\Users\karol\AppData\Roaming\Mozilla\Firefox\Profiles\pr4u9n61.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Users\Jozef&Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\karol\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [14840 octets] - [25/07/2013 18:41:08]
########## EOF - C:\AdwCleaner[S1].txt - [14901 octets] ##########
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : karol - THINK
# Boot Mode : Normal
# Running from : C:\Users\karol\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Michaela\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\Michaela\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Local\Conduit
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Local\TempDir
Folder Deleted : C:\Users\Jozef&Michaela\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\ConduitCommon
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\CT1060933
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
Folder Deleted : C:\Users\Jozef&Michaela\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Michaela\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Michaela\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\gcsu1el3.default\extensions\staged
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry is clean.
-\\ Mozilla Firefox v22.0 (en-US)
File : C:\Users\Jozef&Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\qxto9jn8.default\prefs.js
Deleted : user_pref("CT1060933..clientLogIsEnabled", false);
Deleted : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1060933.CTID", "ct1060933");
Deleted : user_pref("CT1060933.CurrentServerDate", "24-9-2011");
Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Daylight T[...]
Deleted : user_pref("CT1060933.DownloadReferralCookieData", "");
Deleted : user_pref("CT1060933.FirstServerDate", "24-9-2011");
Deleted : user_pref("CT1060933.FirstTime", true);
Deleted : user_pref("CT1060933.FirstTimeFF3", true);
Deleted : user_pref("CT1060933.FixPageNotFoundErrors", true);
Deleted : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1060933.HasUserGlobalKeys", true);
Deleted : user_pref("CT1060933.Initialize", true);
Deleted : user_pref("CT1060933.InitializeCommonPrefs", true);
Deleted : user_pref("CT1060933.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT1060933.InstallationId", "ConduitStubGeneric");
Deleted : user_pref("CT1060933.InstallationType", "ConduitStubIntegration");
Deleted : user_pref("CT1060933.InstalledDate", "Sat Sep 24 2011 11:16:17 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.IsGrouping", false);
Deleted : user_pref("CT1060933.IsInitSetupIni", true);
Deleted : user_pref("CT1060933.IsMulticommunity", false);
Deleted : user_pref("CT1060933.IsOpenThankYouPage", false);
Deleted : user_pref("CT1060933.IsOpenUninstallPage", true);
Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Daylight Ti[...]
Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1060933.LastLogin_3.6.0.10", "Sat Sep 24 2011 11:16:19 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT1060933.LatestVersion", "3.6.0.10");
Deleted : user_pref("CT1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1060933.MCDetectTooltipShow", false);
Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT1060933.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT1060933.RadioIsPodcast", false);
Deleted : user_pref("CT1060933.RadioLastCheckTime", "Sat Sep 24 2011 11:16:20 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT1060933.RadioMediaID", "21504191");
Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");
Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
Deleted : user_pref("CT1060933.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT1060933.RadioStationName", "KFOG");
Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");
Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sat Sep 24 2011 11:16:18 GMT+0100 (GMT Daylight [...]
Deleted : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1060933.SearchProtectorToolbarDisabled", true);
Deleted : user_pref("CT1060933.ServiceMapLastCheckTime", "Sat Sep 24 2011 11:16:14 GMT+0100 (GMT Daylight Time[...]
Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Sat Sep 24 2011 11:16:14 GMT+0100 (GMT Daylight Time)"[...]
Deleted : user_pref("CT1060933.SettingsLastUpdate", "1314078198");
Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sat Sep 24 2011 11:16:14 GMT+0100 (GMT Dayligh[...]
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT1060933.ToolbarDisabled", true);
Deleted : user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");
Deleted : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT1060933.UserID", "UN69303108788211943");
Deleted : user_pref("CT1060933.alertChannelId", "15651");
Deleted : user_pref("CT1060933.approveUntrustedApps", false);
Deleted : user_pref("CT1060933.components.1000082", false);
Deleted : user_pref("CT1060933.ct1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.ct1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.ct1060933.LanguagePackLastCheckTime", "Sat Sep 24 2011 11:16:31 GMT+0100 (GMT D[...]
Deleted : user_pref("CT1060933.ct1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.ct1060933.RadioLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Daylight[...]
Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateServer", "129326918102570000");
Deleted : user_pref("CT1060933.ct1060933.SearchInNewTabLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT[...]
Deleted : user_pref("CT1060933.ct1060933.SettingsLastCheckTime", "Sat Sep 24 2011 11:16:17 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT1060933.ct1060933.SettingsLastUpdate", "1314078198");
Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastCheck", "Sat Sep 24 2011 11:16:17 GMT+0100 (G[...]
Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT1060933.ct1060933.globalFirstTimeInfoLastCheckTime", "Sat Sep 24 2011 11:16:19 GMT+0100[...]
Deleted : user_pref("CT1060933.ct1060933.toolbarAppMetaDataLastCheckTime", "Sat Sep 24 2011 11:16:19 GMT+0100 [...]
Deleted : user_pref("CT1060933.ct1060933.toolbarContextMenuLastCheckTime", "Sat Sep 24 2011 11:16:31 GMT+0100 [...]
Deleted : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sat Sep 24 2011 11:16:18 GMT+0100 (GMT Dayl[...]
Deleted : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT1060933.initDone", true);
Deleted : user_pref("CT1060933.isAppTrackingManagerOn", true);
Deleted : user_pref("CT1060933.isFirstRadioInstallation", false);
Deleted : user_pref("CT1060933.myStuffEnabled", true);
Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT1060933.testingCtid", "");
Deleted : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sat Sep 24 2011 11:16:17 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sat Sep 24 2011 11:16:30 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT1060933.usagesFlag", 1);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/UK", "\"0\"");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct1060933&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jozef&Michaela\\AppData\\Roaming\\M[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
Deleted : user_pref("CommunityToolbar.globalUserId", "cf0ad525-fcce-4817-b68c-eda99fc20f34");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Sep 24 2011 11:16:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Sep 24 2011 11:16:27 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Sep 24 2011 11:16:15 GMT+0100 (G[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "9eadebb7-31de-4e60-bfaf-05e08c03b56f");
File : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\gcsu1el3.default\prefs.js
[OK] File is clean.
File : C:\Users\karol\AppData\Roaming\Mozilla\Firefox\Profiles\pr4u9n61.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v28.0.1500.72
File : C:\Users\Jozef&Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\karol\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [14840 octets] - [25/07/2013 18:41:08]
########## EOF - C:\AdwCleaner[S1].txt - [14901 octets] ##########
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomaly nabiehajuce Win7 po log-in-e
No vida, další velká várka bordýlku smazána. Pokračujeme dále. 
Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ulož jej nejlépe na Plochu.
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
- Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
- Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomaly nabiehajuce Win7 po log-in-e
paci sa
RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : Scan -- Date : 07/26/2013 20:41:28
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 15 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> FOUND
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[BROK VAL] HKCR\[...]\command : () -> MISSING
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 serials.wilcopub.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] daa96469bc7189f5a56965191bdb87ba
[BSP] 6bba8ba10aef99345d466763f9261bd7 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 17c3ed308102b934ce48e230890f734a
[BSP] 574396d57a002224293e56b357bbe1e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
Finished : << RKreport[0]_S_07262013_204128.txt >>
RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : Scan -- Date : 07/26/2013 20:41:28
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 15 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> FOUND
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[BROK VAL] HKCR\[...]\command : () -> MISSING
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 serials.wilcopub.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] daa96469bc7189f5a56965191bdb87ba
[BSP] 6bba8ba10aef99345d466763f9261bd7 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 17c3ed308102b934ce48e230890f734a
[BSP] 574396d57a002224293e56b357bbe1e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
Finished : << RKreport[0]_S_07262013_204128.txt >>
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomaly nabiehajuce Win7 po log-in-e
OK, počítám, že ty DNS servery máš nastaveny schválně, že? Abych Ti je náhodou nesmazal.
Takže provedeme opravy.
Takže provedeme opravy.
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
- V záložce Registry nech všechny nálezy označeny.
- Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
- Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomaly nabiehajuce Win7 po log-in-e
RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : Remove -- Date : 07/27/2013 16:06:11
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 15 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[BROK VAL] HKCR\[...]\command : () -> CREATED ("%1" %*)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 serials.wilcopub.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] daa96469bc7189f5a56965191bdb87ba
[BSP] 6bba8ba10aef99345d466763f9261bd7 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 17c3ed308102b934ce48e230890f734a
[BSP] 574396d57a002224293e56b357bbe1e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
+++++ PhysicalDrive1: ST9500420AS +++++
--- User ---
[MBR] 827d9b8f4c9e5ba811ffdcaaf8ee7e0a
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 15171 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Finished : << RKreport[0]_D_07272013_160610.txt >>
RKreport[0]_S_07262013_204128.txt;RKreport[0]_S_07272013_160543.txt
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : Remove -- Date : 07/27/2013 16:06:11
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 15 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[BROK VAL] HKCR\[...]\command : () -> CREATED ("%1" %*)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 serials.wilcopub.com
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] daa96469bc7189f5a56965191bdb87ba
[BSP] 6bba8ba10aef99345d466763f9261bd7 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 17c3ed308102b934ce48e230890f734a
[BSP] 574396d57a002224293e56b357bbe1e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
+++++ PhysicalDrive1: ST9500420AS +++++
--- User ---
[MBR] 827d9b8f4c9e5ba811ffdcaaf8ee7e0a
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 15171 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
Finished : << RKreport[0]_D_07272013_160610.txt >>
RKreport[0]_S_07262013_204128.txt;RKreport[0]_S_07272013_160543.txt
Re: Pomaly nabiehajuce Win7 po log-in-e
RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : HOSTSFix -- Date : 07/27/2013 16:09:07
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 9 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 serials.wilcopub.com
¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost
Finished : << RKreport[0]_H_07272013_160907.txt >>
RKreport[0]_D_07272013_160610.txt;RKreport[0]_S_07262013_204128.txt;RKreport[0]_S_07272013_160543.txt
RKreport[0]_S_07272013_160856.txt
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : HOSTSFix -- Date : 07/27/2013 16:09:07
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 9 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> NOT REMOVED, USE DNSFIX
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 serials.wilcopub.com
¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost
Finished : << RKreport[0]_H_07272013_160907.txt >>
RKreport[0]_D_07272013_160610.txt;RKreport[0]_S_07262013_204128.txt;RKreport[0]_S_07272013_160543.txt
RKreport[0]_S_07272013_160856.txt
Re: Pomaly nabiehajuce Win7 po log-in-e
k tym DNS, pouzivam google DNS pretoze provider mal problem s DNS resolution ja idiot som si nainstaloval OpenDNS, teraz sa toho neviem zbavit, tak tak musi byt google DNS natvrdo.
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Pomaly nabiehajuce Win7 po log-in-e
Aha, takhle. Nemusí, jestli to chceš vyčistit, aplikuj tento postup (smažou - deaktivují se všechny nastavené DNS).
DNS Google si tam můžeš později když tak znovu nastavit ručně.
Takže takhle.
DNS Google si tam můžeš později když tak znovu nastavit ručně.
Takže takhle.
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
- Klikni na tlačítko [Oprava DNS] a potom na [Zpráva] - otevře se další log, který mi sem zase vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Pomaly nabiehajuce Win7 po log-in-e
RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : DNSFix -- Date : 07/27/2013 16:57:37
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 9 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> REPLACED ()
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> REPLACED ()
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> REPLACED ()
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
Finished : << RKreport[0]_DN_07272013_165737.txt >>
RKreport[0]_D_07272013_160610.txt;RKreport[0]_H_07272013_160907.txt;RKreport[0]_S_07262013_204128.txt
RKreport[0]_S_07272013_160543.txt;RKreport[0]_S_07272013_160856.txt;RKreport[0]_S_07272013_165730.txt
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : karol [Admin rights]
Mode : DNSFix -- Date : 07/27/2013 16:57:37
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 9 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CCSet\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CCSet\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> REPLACED ()
[DNS] HKLM\[...]\CS001\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS001\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS001\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> REPLACED ()
[DNS] HKLM\[...]\CS002\[...]\{22C0C663-FD93-41FE-B338-E92AB95A25AD} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS002\[...]\{3524FD63-32B3-43FB-9A82-91801E0EFB3C} : NameServer (10.206.65.68 10.206.65.68) -> REPLACED ()
[DNS] HKLM\[...]\CS002\[...]\{539C0E1C-D675-4BE6-980C-79CB14BAB419} : NameServer (88.82.13.44 88.82.13.44) -> REPLACED ()
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
Finished : << RKreport[0]_DN_07272013_165737.txt >>
RKreport[0]_D_07272013_160610.txt;RKreport[0]_H_07272013_160907.txt;RKreport[0]_S_07262013_204128.txt
RKreport[0]_S_07272013_160543.txt;RKreport[0]_S_07272013_160856.txt;RKreport[0]_S_07272013_165730.txt
Re: Pomaly nabiehajuce Win7 po log-in-e
a zase je tam open DNS, dam tam google DNS natvrdo o5
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
Přispějete na provoz fóra?