
Recurring Trojan horse

Posted: 15 Sep 2013 14:40
by Monty91
Hello,
I have a problem with a Trojan horse. Although I delete it with MBAM, it comes back after Windows restarts.
It will probably need to be killed in Combofix (but this is just a guess).
Here is the log from MBAM:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
http://www.malwarebytes.org

Verzia databázy: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Lenovo :: LENOVO-PC [administrátor]

Ochrana: Zapnuté

15. 9. 2013 13:53:59
MBAM-log-2013-09-15 (13-54-48).txt

Typ kontroly: Flash kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: Registre | Systémové súbory | P2P
Objektov kontrolovaných: 178717
Uplynutý čas: 15 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|1694 (Trojan.Agent) -> Dáta: C:\PROGRA~3\LOCALS~1\Temp\msvxbkiy.com -> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)


and also from RSIT:
info.txt logfile of random's system information tool 1.09 2013-09-15 15:30:31

======Uninstall list======

-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe -maintain activex
convertXtoDVD 5 plna verze key Crack cz version for Windows-->"C:\Program Files (x86)\convertXtoDVD 5 plna verze key Crack cz\unins000.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{2433A103-9EC3-49EA-9AD1-58A35F27EE56}" "1051" "0"
Dolby Home Theater v4-->MsiExec.exe /X{B26438B4-BF51-49C3-9567-7F14A5E40CB9}
Energy Management-->"C:\Program Files (x86)\InstallShield Installation Information\{D0956C11-0F60-43FE-99AD-524E833471BB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Energy Management-->MsiExec.exe /I{D0956C11-0F60-43FE-99AD-524E833471BB}
Farm Frenzy 2-->C:\Program Files (x86)\Hry.cz\Farm Frenzy 2\Uninstall.exe
Farm Frenzy 3 Russian Roulette-->C:\Program Files (x86)\Můj produkt\Odinstalovat.exe
Farm Frenzy 3: Ice Age-->C:\Program Files (x86)\Superhry.cz\Farm Frenzy 3 Ice Age\Uninstall.exe
Farm Frenzy Pizza Party-->"C:\Windows\Farm Frenzy Pizza Party\uninstall.exe" "/U:C:\Program Files (x86)\Farm Frenzy Pizza Party\Uninstall\uninstall.xml"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) OpenCL CPU Runtime-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intelligent Touchpad-->"C:\Program Files (x86)\InstallShield Installation Information\{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}\setup.exe" -runfromtemp -removeonly
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Lenovo CAPOSD-->C:\Program Files (x86)\InstallShield Installation Information\{48F851E7-DD0C-4A35-AD7A-57878023E987}\setup.exe -runfromtemp -l0x0409
Lenovo CAPOSD-->C:\Program Files (x86)\InstallShield Installation Information\{48F851E7-DD0C-4A35-AD7A-57878023E987}\setup.exe -runfromtemp -l0x0409
Lenovo EasyCamera-->C:\Program Files (x86)\Lenovo EasyCamera\uninstall.exe /s
Lenovo MuteSync-->MsiExec.exe /I{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}
Lenovo OneKey Recovery-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo Registration-->MsiExec.exe /X{6707C034-ED6B-4B6A-B21F-969B3606FBDE}
Lenovo YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Lenovo YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Malwarebytes Anti-Malware verzia 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft Office 2010 pre študentov a domácnosti-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{2304F942-79D2-46F7-A512-269A7F5B7EFC}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040E-0000-0000000FF1CE}" "{71431694-851E-4BC7-92A9-4BB9D196E24F}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-0000-0000000FF1CE}" "{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-041B-1000-0000000FF1CE}" "{6AD0855C-A3FC-4B71-907A-D4372C6F75DB}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-041B-0000-0000000FF1CE}" "{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-0000-0000000FF1CE}" "{56405E5D-9583-4644-B183-AFB3E19D80B3}" "1051" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-0000-0000000FF1CE}" "{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" "1051" "0"
Microsoft Office Access MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0015-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0016-041B-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00A1-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0018-041B-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2010-->MsiExec.exe /X{90140000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2010-->MsiExec.exe /X{90140000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2010-->MsiExec.exe /X{90140000-006E-041B-0000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001B-041B-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Zoo Tycoon-->"C:\Program Files (x86)\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Nokia Internet Modem-->MsiExec.exe /X{5FEFEB99-285E-43B2-A6C6-9432A42A1EF3}
Nsd-->"C:\Program Files (x86)\InstallShield Installation Information\{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}\setup.exe" -runfromtemp -l0x0009 -removeonly
Onekey Theater-->"C:\Program Files (x86)\InstallShield Installation Information\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}\setup.exe" -runfromtemp -l0x0409 -removeonly
Onekey Theater-->MsiExec.exe /I{D4B060B9-AD4A-4152-9D99-28B93C615AFE}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
PowerISO 1.00-->C:\Program Files (x86)\Company\PowerISO\Uninstall.exe
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {880A0A36-244B-3C7A-8D6B-56E694CE7883} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{92CBF976-6647-41C9-966D-47FCFA40CEB4}" "1051" "0"
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{89F78B33-4282-4698-844D-E306D4260C02}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B5489515-6DD4-47A5-AE4E-64751D15F10E}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{294CFDA0-FFD3-4C74-A26C-F4AE246783D6}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A5E549EB-FDD3-4CD1-8163-50D429A36516}" "1051" "0"
Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{D408797D-5972-4204-B7EB-67254DF0F8CE}" "1051" "0"
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{77AA05C3-6499-49F2-801D-55BD0E587579}" "1051" "0"
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{BC3AD7F4-A075-4C9E-A33A-0FA4F8EBCA96}" "1051" "0"
Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CD9083D1-380C-4377-811C-6642E0C83AA5}" "1051" "0"
SugarSync Manager-->C:\Program Files (x86)\SugarSync\uninstall.exe
T-Mobile Communication Center 3.81.11.14-->"C:\Program Files (x86)\T-Mobile Communication Center\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2836939)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Extended
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}" "1051" "0"
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}" "1051" "0"
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}" "1051" "0"
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1051" "0"
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{97C39B81-3054-4AB4-B11D-A656DE619982}" "1051" "0"
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1051" "0"
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1051" "0"
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{2AB2E0DF-DF6F-4051-895B-A09FA08AD387}" "1051" "0"
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-0000-0000000FF1CE}" "{45BC4A6A-9337-4276-AF51-6481A747BB32}" "1051" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1051" "0"
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}" "1051" "0"
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{150A0FF0-AF69-4132-BD93-1E34F63FC8A3}" "1051" "0"
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{287A1E92-9E41-4BC1-8920-B3D0E9220800}" "1051" "0"
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1051" "0"
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{007CC0F3-15DE-426D-95B5-B019FCEF58CE}" "1051" "0"
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{C4F26A9B-B121-4135-8084-A0D9C780C7C8}" "1051" "0"
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}" "1051" "0"
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1051" "0"
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1051" "0"
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{35698CB7-AAA2-4577-B505-DBFF504AEF23}" "1051" "0"
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{24BD08F8-FF6E-4DD8-BE49-3659AE78A819}" "1051" "0"
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}" "1051" "0"
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{5AA578BB-759C-40FD-9661-A737C0884541}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-0000-0000000FF1CE}" "{B4E15135-5272-4194-9724-5FA19F72296D}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}" "1051" "0"
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-0000-0000000FF1CE}" "{B1F5ED4F-08EE-4487-89EA-69406127A951}" "1051" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-0000-0000000FF1CE}" "{939C62F7-4741-43AF-A29F-5ED0BF0D318A}" "1051" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1051" "0"
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-0000-0000000FF1CE}" "{EBFFD89B-82CD-41E1-B015-DAF7CAE1696D}" "1051" "0"
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}" "1051" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1051" "0"
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{8C55AA83-54C2-4236-A622-78440A411DC5}" "1051" "0"
UserGuide-->"C:\Program Files (x86)\InstallShield Installation Information\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\setup.exe" -runfromtemp -l0x0409 -removeonly
UserGuide-->MsiExec.exe /I{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
VeriFace-->C:\Program Files (x86)\Lenovo\VeriFace\Uninstall.exe
VSO ConvertXtoDVD 5.0.0.33 Final - CRACK version for Windows-->"C:\Program Files (x86)\VSO ConvertXtoDVD 5.0.0.33 Final - CRACK\unins000.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger-->MsiExec.exe /X{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
WinRAR archivátor-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: Lenovo-PC
Event Code: 7006
Message: Volanie ScRegSetValueExW zlyhalo pre FailureActions s nasledujúcou chybou:
Prístup je odmietnutý.
Record Number: 162508
Source Name: Service Control Manager
Time Written: 20130505200746.954129-000
Event Type: Error
User:

Computer Name: Lenovo-PC
Event Code: 1014
Message: Name resolution for the name http://www.google.com timed out after none of the configured DNS servers responded.
Record Number: 162496
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130505200707.523573-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Lenovo-PC
Event Code: 1014
Message: Name resolution for the name clients2.google.com timed out after none of the configured DNS servers responded.
Record Number: 162458
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130505142601.828705-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Lenovo-PC
Event Code: 1014
Message: Name resolution for the name clients2.google.com timed out after none of the configured DNS servers responded.
Record Number: 162442
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130505120239.427326-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Lenovo-PC
Event Code: 1014
Message: Name resolution for the name clients4.google.com timed out after none of the configured DNS servers responded.
Record Number: 162434
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130505115749.045717-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Lenovo-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 136289
Source Name: Microsoft-Windows-WMI
Time Written: 20130422121646.000000-000
Event Type: Error
User:

Computer Name: Lenovo-PC
Event Code: 256
Message: An error has occurred (---query ManualSetMs key success failed with 0, The Code is:0x424.).
Record Number: 136284
Source Name: NSDSvc
Time Written: 20130422121641.000000-000
Event Type: Error
User:

Computer Name: Lenovo-PC
Event Code: 256
Message: An error has occurred (---Ajust Sleep time failed with 0, The Code is:0x422.).
Record Number: 136283
Source Name: NSDSvc
Time Written: 20130422121641.000000-000
Event Type: Error
User:

Computer Name: Lenovo-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 136264
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20130422121025.873684-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Lenovo-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 136262
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20130422121025.717684-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Lenovo-PC
Event Code: 5056
Message: A cryptographic self test was performed.

Subject:
Security ID: S-1-5-18
Account Name: LENOVO-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Module: ncrypt.dll

Return Code: 0x0
Record Number: 10363
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121228152001.578833-000
Event Type: Audit Success
User:

Computer Name: Lenovo-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 10362
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121228152001.110832-000
Event Type: Audit Success
User:

Computer Name: Lenovo-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: LENOVO-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x300
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 10361
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121228152001.110832-000
Event Type: Audit Success
User:

Computer Name: Lenovo-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 10360
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121228152001.110832-000
Event Type: Audit Success
User:

Computer Name: Lenovo-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: LENOVO-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x300
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 10359
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121228152001.110832-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------


I'm grateful for any help :)

Re: Recurring Trojan horse

Posted: 15 Sep 2013 16:39
by Rudy
Hello!
Delete the item that MBAM found. From RSIT I would like the contents of the log.txt file. Info.txt is of no use to me.

Re: Recurring Trojan horse

Posted: 15 Sep 2013 17:29
by Monty91
If I delete it, it reappears after the PC restarts. I'll attach the log as soon as the scan finishes :)
EDIT:
Here is the log from HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:17, on 15. 9. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
C:\PROGRA~2\Lenovo\LENOVO~2\CAPOSD.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Users\Lenovo\Desktop\Nový priečinok\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [NokiaInternetModem_AppStart.exe] "C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe" "-start" "C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem.exe"
O4 - HKLM\..\Run: [CAPOSD] C:\PROGRA~2\Lenovo\LENOVO~2\CAPOSD.exe
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TMCC] "C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe" -m
O4 - HKLM\..\Policies\Explorer\Run: [1694] C:\PROGRA~3\LOCALS~1\Temp\msvxbkiy.com
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6310EE9-96EC-4D66-9C48-AB2130524525}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Fast boot service of lenovo (NSDSvc) - Unknown owner - C:\Windows\System32\NSDSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11441 bytes

Re: Recurring Trojan horse

Posted: 15 Sep 2013 19:23
by Monty91
I hope it's complete now :)

Re: Recurring Trojan horse

Posted: 15 Sep 2013 19:39
by Rudy
Monty91 wrote: I hope it's complete now :)
It isn't. You posted the HijackThis log. When RSIT finishes running, 2 logs open:

1. log.txt (that's the one I need)
2. info.txt (that's the one you gave me earlier)

Re: Recurring Trojan horse

Posted: 15 Sep 2013 19:49
by Monty91
The problem is that when I run RSIT, it reports that it couldn't find HijackThis, even though it's in Program Files. It didn't help when I put it in the same folder, or when I tried launching it by dragging HijackThis onto RSIT. I can't download it, because I don't have Wi-Fi on the laptop :/ I also tried copying the RSIT that works for me on XP over to Win 7. No luck. Does anyone have any ideas? :/

Re: Recurring Trojan horse

Posted: 15 Sep 2013 19:55
by Rudy
Let's try it another way. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Recurring Trojan horse

Posted: 15 Sep 2013 20:05
by Monty91
log:
# AdwCleaner v3.004 - Report created 15/09/2013 at 21:02:00
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lenovo - LENOVO-PC
# Running from : C:\Users\Lenovo\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\AlawarWrapper

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1566 octets] - [15/09/2013 21:00:49]
AdwCleaner[S0].txt - [1463 octets] - [15/09/2013 21:02:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1523 octets] ##########

Re: Recurring Trojan horse

Posted: 15 Sep 2013 20:44
by Rudy
Download FRST: http://www.bleepingcomputer.com/downloa ... scan-tool/ and save it to the desktop. Run it and click >Scan<. When the scan finishes, a log will appear; copy it here.

Re: Recurring Trojan horse

Posted: 15 Sep 2013 20:56
by Monty91
Here is the log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013 05
Ran by Lenovo (administrator) on LENOVO-PC on 15-09-2013 21:53:43
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files\Lenovo\Nsd\startup.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
() C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
() C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
(LENOVO) C:\PROGRA~2\Lenovo\LENOVO~2\CAPOSD.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxtray.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Slovak Telekom a.s.) C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-08-23] (Lenovo)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-23] (Lenovo)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated)
HKLM\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3\n. ATTENTION! ====> ZeroAccess?
HKLM\...\Policies\Explorer\Run: [1694] - C:\PROGRA~3\LOCALS~1\Temp\msvxbkiy.com No File
HKCU\...\Run: [TMCC] - C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [843776 2012-01-04] (Slovak Telekom a.s.)
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
MountPoints2: E - E:\Setup.exe
MountPoints2: {f51abc75-2b34-11e2-ac5a-446d57bfc452} - E:\Setup.exe
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] - C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [258936 2012-02-06] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [NokiaInternetModem_AppStart.exe] - C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem.exe [138368 2011-12-02] (Nokia)
HKLM-x32\...\Run: [CAPOSD] - C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-09] (LENOVO)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [MuteSync] - C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-08-23] (Lenovo)
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe [x]
HKLM-x32\...\Run: [Printsrv] - c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [x]
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com/ig/redirectdomain ... &bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\..\Interfaces\{B6310EE9-96EC-4D66-9C48-AB2130524525}: [NameServer]160.218.161.60 194.228.211.33

Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
CHR RestoreOnStartup: "hxxp://techalpunto.net/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2013.909.0_0
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-lenovo-abb.crx

==================== Services (Whitelisted) =================

R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-06-21] (Nitro PDF Software)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 nokia_usb_modem_cdc_acm; C:\Windows\System32\DRIVERS\nokia_usb_modem_cdc_acm.sys [79872 2011-06-22] (Nokia)
S3 nokia_usb_modem_cdc_ecm; C:\Windows\System32\DRIVERS\nokia_usb_modem_cdc_ecm.sys [58880 2011-06-22] (Nokia)
S3 nokia_usb_modem_cpo; C:\Windows\System32\DRIVERS\nokia_usb_modem_cpo.sys [14336 2011-06-22] (Nokia)
S3 nokia_usb_modem_ecm_enum; C:\Windows\System32\DRIVERS\nokia_usb_modem_ecm_enum.sys [56320 2011-06-22] (Nokia)
S3 nokia_usb_modem_ecm_enum_filter; C:\Windows\System32\DRIVERS\nokia_usb_modem_ecm_enum_filter.sys [56320 2011-06-22] (Nokia)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-21] (Microsoft Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
U2 AdobeARMservice;
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 IAStorDataMgrSvc;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 iphlpsvc;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-15 21:53 - 2013-09-15 21:53 - 00000000 ____D C:\FRST
2013-09-15 21:04 - 2013-09-15 21:04 - 00001603 _____ C:\Users\Lenovo\Desktop\AdwCleaner[S0].txt
2013-09-15 21:00 - 2013-09-15 21:14 - 00000000 ____D C:\AdwCleaner
2013-09-15 21:00 - 2013-09-15 20:59 - 01039554 _____ C:\Users\Lenovo\Desktop\adwcleaner.exe
2013-09-15 20:02 - 2013-09-15 20:45 - 00000000 ____D C:\Users\Lenovo\Desktop\Nový priečinok
2013-09-15 16:29 - 2013-09-15 16:29 - 00002092 _____ C:\Users\Public\Desktop\YoudaSurvivor2.lnk
2013-09-15 16:29 - 2013-09-15 16:29 - 00000000 ____D C:\Program Files (x86)\Games
2013-09-15 15:34 - 2013-09-15 15:34 - 00044741 _____ C:\Users\Lenovo\Desktop\info.txt
2013-09-15 15:30 - 2013-09-15 15:30 - 00000000 ____D C:\rsit
2013-09-15 15:30 - 2013-09-15 15:30 - 00000000 ____D C:\Program Files (x86)\trend micro
2013-09-13 18:21 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 18:21 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 18:21 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 18:21 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 18:21 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 18:21 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 18:21 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 18:21 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 18:21 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 18:21 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 18:21 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 18:21 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 18:21 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 18:21 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 15:03 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 15:03 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 15:03 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 15:03 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 15:03 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 15:03 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 15:03 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 15:03 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 15:03 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 15:03 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 15:03 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 15:03 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 15:03 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 15:03 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 15:03 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 15:03 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 15:03 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 15:03 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 15:03 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 15:03 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 15:03 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 15:03 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 15:03 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 15:03 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 15:03 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 15:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 15:03 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-23 16:38 - 2013-08-23 19:07 - 404368631 _____ C:\Users\Lenovo\Downloads\Policajti-na-baterky-(2003)-CZ.avi
2013-08-23 13:35 - 2013-08-23 15:19 - 332982504 _____ C:\Users\Lenovo\Downloads\Anakonda---(2008)---CZ-Dabing.avi
2013-08-23 11:34 - 2013-08-23 13:34 - 371338527 _____ C:\Users\Lenovo\Downloads\Anakonda-1-(1997)-dyvko-dvdrip-xvid-cz.avi
2013-08-23 08:33 - 2013-08-23 08:34 - 00000000 ____D C:\Users\Lenovo\Desktop\Skúšobné testy 2013 Autoškola
2013-08-16 17:07 - 2013-08-16 17:08 - 00000000 ____D C:\ProgramData\FarmFrenzy-PizzaParty
2013-08-16 17:07 - 2013-08-16 17:07 - 00002119 _____ C:\Users\Lenovo\Desktop\Farm Frenzy Pizza Party.lnk
2013-08-16 17:07 - 2013-08-16 17:07 - 00000000 ____D C:\Windows\Farm Frenzy Pizza Party
2013-08-16 17:07 - 2013-08-16 17:07 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Pizza Party
2013-08-16 17:07 - 2013-08-16 17:07 - 00000000 ____D C:\Program Files (x86)\Farm Frenzy Pizza Party
2013-08-16 15:10 - 2013-08-16 16:49 - 307328570 _____ C:\Users\Lenovo\Downloads\kraska-a-zviera-CZ-dab-2012 (1).avi
2013-08-16 10:59 - 2013-08-16 10:59 - 00000000 _____ C:\Users\Lenovo\regbcm

==================== One Month Modified Files and Folders =======

2013-09-15 21:53 - 2013-09-15 21:53 - 00000000 ____D C:\FRST
2013-09-15 21:53 - 2013-05-25 16:48 - 00017481 _____ C:\Windows\setupact.log
2013-09-15 21:53 - 2012-10-25 01:48 - 04740969 _____ C:\FaceProv.log
2013-09-15 21:53 - 2012-08-23 05:29 - 00000000 ____D C:\ProgramData\VeriFace
2013-09-15 21:53 - 2012-08-23 04:45 - 01173876 _____ C:\Windows\WindowsUpdate.log
2013-09-15 21:52 - 2009-07-14 07:13 - 00006206 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 21:48 - 2012-08-23 05:31 - 00418747 _____ C:\Windows\system32\fastboot.set
2013-09-15 21:48 - 2012-08-23 05:29 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-15 21:47 - 2013-02-11 22:19 - 00000292 _____ C:\Windows\Tasks\AutoKMS.job
2013-09-15 21:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-15 21:14 - 2013-09-15 21:00 - 00000000 ____D C:\AdwCleaner
2013-09-15 21:10 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 21:10 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-15 21:05 - 2013-02-11 20:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-15 21:04 - 2013-09-15 21:04 - 00001603 _____ C:\Users\Lenovo\Desktop\AdwCleaner[S0].txt
2013-09-15 20:59 - 2013-09-15 21:00 - 01039554 _____ C:\Users\Lenovo\Desktop\adwcleaner.exe
2013-09-15 20:45 - 2013-09-15 20:02 - 00000000 ____D C:\Users\Lenovo\Desktop\Nový priečinok
2013-09-15 20:45 - 2013-05-25 19:00 - 00000000 ____D C:\Program Files\HijackThis
2013-09-15 20:44 - 2012-08-23 05:29 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-15 20:03 - 2013-05-25 17:07 - 00011443 _____ C:\Users\Lenovo\Desktop\hijackthis.log
2013-09-15 16:29 - 2013-09-15 16:29 - 00002092 _____ C:\Users\Public\Desktop\YoudaSurvivor2.lnk
2013-09-15 16:29 - 2013-09-15 16:29 - 00000000 ____D C:\Program Files (x86)\Games
2013-09-15 15:34 - 2013-09-15 15:34 - 00044741 _____ C:\Users\Lenovo\Desktop\info.txt
2013-09-15 15:30 - 2013-09-15 15:30 - 00000000 ____D C:\rsit
2013-09-15 15:30 - 2013-09-15 15:30 - 00000000 ____D C:\Program Files (x86)\trend micro
2013-09-15 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-15 13:31 - 2013-05-25 18:08 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-15 13:31 - 2013-05-25 18:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-15 13:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-14 10:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-13 19:10 - 2012-10-25 01:52 - 00000000 ___RD C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 19:10 - 2012-10-25 01:52 - 00000000 ___RD C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 18:54 - 2009-07-14 06:45 - 00375840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 18:52 - 2013-05-25 16:47 - 00011326 _____ C:\Windows\PFRO.log
2013-09-13 18:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2013-09-13 18:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2013-09-13 18:21 - 2013-07-15 08:19 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 18:20 - 2013-02-11 20:24 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 18:19 - 2013-02-11 20:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 16:44 - 2012-11-23 15:02 - 00000000 ____D C:\Users\Lenovo\Desktop\Obrázky
2013-09-13 16:44 - 2012-11-18 11:06 - 00000000 ____D C:\Users\Lenovo\Desktop\Pesničky
2013-09-13 15:05 - 2013-02-11 20:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 15:05 - 2013-02-11 20:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 15:05 - 2013-02-11 20:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-07 11:44 - 2012-11-28 15:07 - 00000000 ____D C:\Users\Lenovo\Desktop\Fotky
2013-09-04 18:42 - 2012-08-23 05:29 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-04 13:26 - 2012-11-18 19:20 - 00000000 ____D C:\Users\Lenovo\Desktop\Filmy
2013-09-03 13:27 - 2009-07-14 07:08 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-24 21:05 - 2012-11-10 15:28 - 00000000 ____D C:\Users\Lenovo\Documents\Youcam
2013-08-24 12:49 - 2012-12-02 16:48 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Nitro PDF
2013-08-23 19:07 - 2013-08-23 16:38 - 404368631 _____ C:\Users\Lenovo\Downloads\Policajti-na-baterky-(2003)-CZ.avi
2013-08-23 15:19 - 2013-08-23 13:35 - 332982504 _____ C:\Users\Lenovo\Downloads\Anakonda---(2008)---CZ-Dabing.avi
2013-08-23 13:34 - 2013-08-23 11:34 - 371338527 _____ C:\Users\Lenovo\Downloads\Anakonda-1-(1997)-dyvko-dvdrip-xvid-cz.avi
2013-08-23 08:34 - 2013-08-23 08:33 - 00000000 ____D C:\Users\Lenovo\Desktop\Skúšobné testy 2013 Autoškola
2013-08-16 17:08 - 2013-08-16 17:07 - 00000000 ____D C:\ProgramData\FarmFrenzy-PizzaParty
2013-08-16 17:07 - 2013-08-16 17:07 - 00002119 _____ C:\Users\Lenovo\Desktop\Farm Frenzy Pizza Party.lnk
2013-08-16 17:07 - 2013-08-16 17:07 - 00000000 ____D C:\Windows\Farm Frenzy Pizza Party
2013-08-16 17:07 - 2013-08-16 17:07 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Pizza Party
2013-08-16 17:07 - 2013-08-16 17:07 - 00000000 ____D C:\Program Files (x86)\Farm Frenzy Pizza Party
2013-08-16 16:49 - 2013-08-16 15:10 - 307328570 _____ C:\Users\Lenovo\Downloads\kraska-a-zviera-CZ-dab-2012 (1).avi
2013-08-16 10:59 - 2013-08-16 10:59 - 00000000 _____ C:\Users\Lenovo\regbcm
2013-08-16 10:59 - 2012-10-25 01:50 - 00000000 ____D C:\Users\Lenovo

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1436999913-4166371001-3170488701-1000\$9d2f925ffb685ba8d983947bba1a46a3

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2968.dll


Some content of TEMP:
====================
C:\Users\Lenovo\AppData\Local\Temp\EBU8D85.exe
C:\Users\Lenovo\AppData\Local\Temp\EBU95AF.DLL
C:\Users\Lenovo\AppData\Local\Temp\EBUC23A.exe
C:\Users\Lenovo\AppData\Local\Temp\EBUC6AE.EXE
C:\Users\Lenovo\AppData\Local\Temp\EBUD2DD.DLL
C:\Users\Lenovo\AppData\Local\Temp\TMCCSetup_3.81.11.14_1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-14 10:17

==================== End Of Log ============================

And here is the second one:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2013 05
Ran by Lenovo at 2013-09-15 21:54:40
Running from E:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
convertXtoDVD 5 plna verze key Crack cz version for Windows (x32 Version: for Windows)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
Energy Management (x32 Version: 7.0.4.1)
Farm Frenzy 2 (x32)
Farm Frenzy 3 Russian Roulette (x32)
Farm Frenzy 3: Ice Age (x32)
Farm Frenzy Pizza Party (x32 Version: 1.0)
Google Chrome (x32 Version: 29.0.1547.66)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.0.2.1410)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235)
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Intelligent Touchpad (x32 Version: 1.00.0108)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.5.1.2300)
Lenovo CAPOSD (x32 Version: 1.0.0.6)
Lenovo EasyCamera (x32 Version: 3.3.3.31)
Lenovo EE Boot Optimizer (Version: 0.0.1.9)
Lenovo MuteSync (x32 Version: 1.0.10)
Lenovo OneKey Recovery (Version: 7.0.0.3712)
Lenovo OneKey Recovery (x32 Version: 7.0.0.3712)
Lenovo Registration (x32 Version: 1.0.4)
Lenovo YouCam (x32 Version: 3.1.3728)
Malwarebytes Anti-Malware verzia 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 pre študentov a domácnosti (x32 Version: 14.0.6029.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Hungarian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Slovak) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (Slovak) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Zoo Tycoon (x32)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Nitro Pro 7 (Version: 7.4.1.12)
Nokia Internet Modem (x32 Version: 1.3.283.3)
Nsd (x32 Version: 1.0.1.7)
Onekey Theater (x32 Version: 2.0.2.9)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2)
Power2Go (x32 Version: 5.6.0.7303)
PowerISO 1.00 (x32)
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6559)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7601.39015)
SugarSync Manager (x32 Version: 1.9.49.86082)
Synaptics Pointing Device Driver (Version: 15.3.33.0)
T-Mobile Communication Center 3.81.11.14 (x32 Version: 3.81.11.14)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
UserGuide (x32 Version: 1.0.0.6)
VeriFace (x32 Version: 4.0.1.1230)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VSO ConvertXtoDVD 5.0.0.33 Final - CRACK version for Windows (x32 Version: for Windows)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (Version: 12/15/2011 7.1.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR archivátor (x32)
YoudaSurvivor2 (x32 Version: 1.0.1.0)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0864FAAF-FF6E-4B06-B5CD-0294D9631CF4} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {907F1EE0-E2BD-4EEC-806B-28713DB7FF0B} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {A0C7F9DD-2CBD-4B17-8B8C-EB4F24037225} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {A65E2EDC-C997-4605-B873-3B4F255182F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {A7A378EC-8B60-4986-B512-821E0B7483AE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {AEECB0CA-8FB4-46C4-9F38-1FE169C8CFA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {B685C11D-7C7C-4E7B-9B4E-9AD020058CBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {B9A3B845-0C22-4EDB-8D60-6DBC90EA9149} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {BBB34CEC-C528-468C-845C-9DF7E2B0E9F0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-09 20:00 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2011-06-02 22:58 - 2011-06-02 22:58 - 00201568 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-06-02 22:59 - 2011-06-02 22:59 - 00156000 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2009-07-14 01:37 - 2009-07-14 03:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe
2011-10-10 09:52 - 2011-10-10 09:52 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE
2012-02-15 00:52 - 2012-02-15 00:52 - 00463952 _____ (SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
2012-08-23 05:29 - 2012-08-23 05:29 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll
2008-12-20 12:20 - 2012-08-23 05:30 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-20 01:22 - 2012-08-23 05:30 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-09 00:41 - 2012-08-23 05:30 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\sk-SK\EMWpfUI.resources.dll
2008-12-20 12:20 - 2012-08-23 05:30 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-08-23 05:12 - 2011-12-23 07:30 - 00823912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2012-08-23 05:12 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-08-23 05:12 - 2012-01-20 07:07 - 03845736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2012-08-23 05:12 - 2011-05-02 08:27 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2012-03-20 13:10 - 2011-11-10 14:37 - 02847016 _____ (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2012-03-20 13:10 - 2011-11-10 14:37 - 00416040 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2012-03-20 13:10 - 2011-11-10 14:37 - 00227624 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2012-03-20 13:10 - 2011-11-10 14:37 - 00058664 _____ (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-03-20 13:10 - 2011-11-10 14:38 - 00408872 _____ (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
2012-03-20 13:10 - 2011-11-10 14:37 - 00121640 _____ (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
2012-02-06 04:38 - 2012-02-06 04:38 - 00258936 _____ () C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
2011-06-01 19:32 - 2011-06-01 19:32 - 00506712 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
2011-06-01 19:32 - 2011-06-01 19:32 - 01070424 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
2011-06-01 19:32 - 2011-06-01 19:32 - 00034136 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
2011-06-01 19:32 - 2011-06-01 19:32 - 00030040 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\sk\pcee4c.resources.dll
2012-08-23 05:26 - 2011-12-08 20:12 - 00291272 _____ () C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
2011-12-02 12:31 - 2011-12-02 12:31 - 00142464 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe
2012-08-23 05:26 - 2012-08-23 05:26 - 00099680 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2012-12-14 03:42 - 2012-12-14 03:42 - 00399984 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2012-12-14 03:42 - 2012-12-14 03:42 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrSKY.lrc
2012-12-14 03:42 - 2012-12-14 03:42 - 00172144 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2012-12-14 03:42 - 2012-12-14 03:42 - 00441968 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2012-05-05 13:16 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2012-08-23 05:12 - 2011-11-15 13:18 - 01156712 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2012-08-23 05:12 - 2012-01-31 13:09 - 12446824 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2013-06-11 22:55 - 2012-01-04 21:31 - 00843776 _____ (Slovak Telekom a.s.) C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
2009-07-14 01:41 - 2009-07-14 03:14 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunDll32.exe
2013-09-15 21:47 - 2013-09-15 21:47 - 01951146 _____ (Farbar) E:\FRST64.exe
2011-06-02 22:57 - 2011-06-02 22:57 - 00161120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-06-02 22:58 - 2011-06-02 22:58 - 00132448 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 01048496 _____ (wxWidgets development team) C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxmsw28u_core_vc_custom.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00726960 _____ (wxWidgets development team) C:\Program Files (x86)\Nokia\Nokia Internet Modem\wxbase28u_vc_custom.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00061872 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\DriveDetector.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00608688 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\Toolkit.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00147888 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\pcre3.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00861104 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\UIToolkit.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00395184 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\WebClient.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00096688 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\ComCore.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00049584 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\Preferences.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00247728 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\DB.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00132016 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\Discovery.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00360880 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\Device.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00033280 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryGeneric.plugin
2011-12-02 12:31 - 2011-12-02 12:31 - 00099760 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\System.dll
2011-12-02 12:31 - 2011-12-02 12:31 - 00028160 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryMobileBroadband.plugin
2011-12-02 12:31 - 2011-12-02 12:31 - 00018944 _____ () C:\Program Files (x86)\Nokia\Nokia Internet Modem\ressources\plugins\DiscoveryNdis.plugin
2011-06-28 08:28 - 2011-06-28 08:28 - 00042496 _____ () C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2012-08-23 05:28 - 2012-08-23 05:28 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2013-06-11 22:55 - 2008-07-03 13:43 - 00278528 _____ (Paradoxx Software) C:\Program Files (x86)\T-Mobile Communication Center\PhoneComm.dll
2013-06-11 22:55 - 2012-01-04 21:30 - 00069632 _____ (Slovak Telekom a.s.) C:\Program Files (x86)\T-Mobile Communication Center\NokiaInterface.dll
2013-06-11 22:55 - 2012-01-04 21:30 - 00034304 _____ (Slovak Telekom a.s.) C:\Program Files (x86)\T-Mobile Communication Center\TMCCSK.dll
2013-06-11 22:55 - 2011-02-16 15:15 - 00880640 _____ (DMSoft Technologies) C:\Windows\SysWow64\SkinCrafter3_vs2005.dll
2013-06-11 22:55 - 2012-01-04 21:33 - 02752512 _____ () C:\Program Files (x86)\T-Mobile Communication Center\default.tms

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Windows:nlsPreferences


==================== Faulty Device Manager Devices =============

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2013 09:52:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/15/2013 09:52:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/15/2013 09:52:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/15/2013 09:49:30 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/15/2013 09:49:30 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/15/2013 09:49:30 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).


System errors:
=============
Error: (09/15/2013 09:50:02 PM) (Source: Service Control Manager) (User: )
Description: Služba Function Discovery Resource Publication bola ukončená s nasledujúcou chybou:
%%-2147024891

Error: (09/15/2013 09:48:10 PM) (Source: Service Control Manager) (User: )
Description: Služba IPsec Policy Agent závisí od nasledujúcej služby: BFE. Je možné, že táto služba nie je nainštalovaná.

Error: (09/15/2013 09:48:10 PM) (Source: Service Control Manager) (User: )
Description: Služba IKE and AuthIP IPsec Keying Modules závisí od nasledujúcej služby: BFE. Je možné, že táto služba nie je nainštalovaná.

Error: (09/15/2013 09:47:59 PM) (Source: Service Control Manager) (User: )
Description: Služba Computer Browser bola ukončená s nasledujúcou chybou:
%%1060

Error: (09/15/2013 09:05:30 PM) (Source: Service Control Manager) (User: )
Description: Služba Function Discovery Resource Publication bola ukončená s nasledujúcou chybou:
%%-2147024891

Error: (09/15/2013 09:03:48 PM) (Source: Service Control Manager) (User: )
Description: Služba IPsec Policy Agent závisí od nasledujúcej služby: BFE. Je možné, že táto služba nie je nainštalovaná.

Error: (09/15/2013 09:03:48 PM) (Source: Service Control Manager) (User: )
Description: Služba IKE and AuthIP IPsec Keying Modules závisí od nasledujúcej služby: BFE. Je možné, že táto služba nie je nainštalovaná.

Error: (09/15/2013 09:03:26 PM) (Source: Service Control Manager) (User: )
Description: Služba Computer Browser bola ukončená s nasledujúcou chybou:
%%1060

Error: (09/15/2013 07:29:03 PM) (Source: Service Control Manager) (User: )
Description: Služba Function Discovery Resource Publication bola ukončená s nasledujúcou chybou:
%%-2147024891

Error: (09/15/2013 07:27:09 PM) (Source: Service Control Manager) (User: )
Description: Služba IPsec Policy Agent závisí od nasledujúcej služby: BFE. Je možné, že táto služba nie je nainštalovaná.


Microsoft Office Sessions:
=========================
Error: (09/15/2013 09:52:19 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (09/15/2013 09:52:19 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (09/15/2013 09:52:19 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (09/15/2013 09:49:30 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (09/15/2013 09:49:30 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (09/15/2013 09:49:30 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc)(User: )
Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc)(User: )
Description: NSDSvc---Get Poicy Open key suc failed with 0, The Code is:0x422.

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc)(User: )
Description: NSDSvc---query POLICYVT key success failed with 0, The Code is:0x424.

Error: (09/15/2013 09:48:14 PM) (Source: NSDSvc)(User: )
Description: NSDSvc---Get Poicy Open key suc failed with 0, The Code is:0x422.


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 3955.32 MB
Available physical RAM: 2682.89 MB
Total Pagefile: 7908.82 MB
Available Pagefile: 6434.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:755.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:21.35 GB) NTFS
Drive e: () (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 13BB999C)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=12)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

Re: Trojan horse that keeps coming back

Posted: 15 Sep 2013 21:49
by Rudy
Open Notepad and copy the following into it:
Start
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3\n.
HKLM\...\Policies\Explorer\Run: [1694] - C:\PROGRA~3\LOCALS~1\Temp\msvxbkiy.com
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32]
MountPoints2: E - E:\Setup.exe
MountPoints2: {f51abc75-2b34-11e2-ac5a-446d57bfc452} - E:\Setup.exe
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe
C:\Windows\inf\ntvdm.vbe
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Windows\Tasks\AutoKMS.job
C:\Windows\Tasks\SA.DAT
C:\$Recycle.Bin\S-1-5-21-1436999913-4166371001-3170488701-1000\$9d2f925ffb685ba8d983947bba1a46a3
C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3
C:\Users\Lenovo\AppData\Local\Temp
End
Save it as fixlist.txt in the same directory where you have FRST. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Trojan horse that keeps coming back

Posted: 16 Sep 2013 06:59
by Monty91
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-09-2013 05
Ran by Lenovo at 2013-09-16 07:56:32 Run:1
Running from C:\Program Files\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3\n.
HKLM\...\Policies\Explorer\Run: [1694] - C:\PROGRA~3\LOCALS~1\Temp\msvxbkiy.com
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32]
MountPoints2: E - E:\Setup.exe
MountPoints2: {f51abc75-2b34-11e2-ac5a-446d57bfc452} - E:\Setup.exe
HKLM-x32\...\Run: [NtVdmSrv] - C:\Windows\inf\ntvdm.vbe
C:\Windows\inf\ntvdm.vbe
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Windows\Tasks\AutoKMS.job
C:\Windows\Tasks\SA.DAT
C:\$Recycle.Bin\S-1-5-21-1436999913-4166371001-3170488701-1000\$9d2f925ffb685ba8d983947bba1a46a3
C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3
C:\Users\Lenovo\AppData\Local\Temp
End
*****************

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1694 => Value deleted successfully.
HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f51abc75-2b34-11e2-ac5a-446d57bfc452} => Key deleted successfully.
HKCR\CLSID\{f51abc75-2b34-11e2-ac5a-446d57bfc452} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
"C:\Windows\inf\ntvdm.vbe" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\SA.DAT => Moved successfully.
C:\$Recycle.Bin\S-1-5-21-1436999913-4166371001-3170488701-1000\$9d2f925ffb685ba8d983947bba1a46a3 => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$9d2f925ffb685ba8d983947bba1a46a3 => Moved successfully.

"C:\Users\Lenovo\AppData\Local\Temp" directory move:

Could not move "C:\Users\Lenovo\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
Could not move "C:\Users\Lenovo\AppData\Local\Temp\NokiaInternetModem_AppStart.lmlog" => Scheduled to move on reboot.
Could not move "C:\Users\Lenovo\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=========== Result of Scheduled Files to move ===========

C:\Users\Lenovo\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Moved successfully.
C:\Users\Lenovo\AppData\Local\Temp\NokiaInternetModem_AppStart.lmlog => Moved successfully.
C:\Users\Lenovo\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Re: Recurring Trojan horse

Posted: 16 Sep 2013 16:59
by Rudy
Everything was deleted. Has anything changed?

Re: Recurring Trojan horse

Posted: 16 Sep 2013 19:53
by Monty91
I confirm the deletion (I ran it through MBAM several times). Do you suggest any further cleaning (registry, etc.)? If not, the problem is solved and you can lock this thread.
Thank you very much. For everything :)

Re: Recurring Trojan horse

Posted: 16 Sep 2013 20:05
by Rudy
To remove leftover junk (in the registry too), use CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478 . Otherwise that is all. You're welcome! :)