VIRY.CZ

Dobrý večer
v poslední době mám comp vytížený pořád skoro na 100% alespoň CPU, paměť není tak strašná 70% třeba teď. Je to i když mám spuštěný třeba jen Firefox. Sice mám v oblibě hodně rozšíření (každej máme nějakou úchylku, no), ale stejně ve správci souborů Firefox spotřebuje 16% CPU a asi 390 Mb (Thinkpad T420 z bazaru, 2 jádro I5, 4G paměti) Mám obavy, že to není jen Firefox. Mrkli by jste se mi na to? Děkuji.

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by T420 at 2015-03-13 23:05:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 75 GB (61%) free of 122 GB
Total RAM: 3979 MB (23% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 33361952
\??\C:\Windows\system32\conhost.exe "1313275576-202983862-1310246132-75559021656576586920394872212051271544-331153302
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe"
"C:\Program Files (x86)\Cobian Backup 11\cbService.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe" --service
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe"
"C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe"
"C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe" servicemode
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe" -Embedding
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
taskeng.exe {68086CBA-FC97-4125-B80F-1D50DAB958DD}
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {38E7B19B-D4BD-49DD-8F63-04DB55B3AB91}
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
taskeng.exe {45C61194-959D-49F2-AA50-D06D5BBACFFE}
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.FullScreenMagnifier
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4ee6807d-dd71-4ae4-8b0c-8b7078582fd1 -SystemEventPortName:HostProcess-1f614a8d-70d1-4888-bd41-1a8206ebe5a7 -IoCancelEventPortName:HostProcess-416ee00e-5cd9-4d6b-901a-5c7af6565c05 -NonStateChangingEventPortName:HostProcess-2ceff193-acfc-4cd7-874e-b154c14ba2fa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2cf52ef2-9d7d-4f11-9c0b-ef693094c3e4 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-66f62d59-ff3b-4188-8ca9-7197c28839a7 -SystemEventPortName:HostProcess-d74c0504-d2b7-40a7-9f94-66a7787f014d -IoCancelEventPortName:HostProcess-e85335b3-38ec-45ff-ae8e-b92ec2704df2 -NonStateChangingEventPortName:HostProcess-ce1e16fe-29dc-4f4e-88c7-74c79f266708 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:79ba9880-7370-4643-b7e6-e88ce3d27bd6 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-85e67c8d-b35d-4703-a51d-ddf1119dfe46 -SystemEventPortName:HostProcess-573c75e4-ee51-4fcc-9751-4445fc58d68e -IoCancelEventPortName:HostProcess-351060bd-d3a4-4d39-a35b-ca7e389fc725 -NonStateChangingEventPortName:HostProcess-5806fb58-7e66-4688-ad95-2bdc4016e61d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eeaf3199-03e9-435c-a723-60775eaf51e2 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe"
"C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe" /start
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe" 30
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe"
"C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE"
"C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hlídač katastru\DRM.WinKlient.exe" -h
"C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
taskmgr.exe /3
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
"C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe" -silentExitIfNotFirst
"C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0x1a48_0x19dc_0xc376d612"
"C:\Windows\system32\wuauclt.exe" /RunHandlerComServer

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 900 904 912 65536 908
"C:\Users\T420\Desktop\Security and utils\RSITx64.exe"
"C:\Windows\system32\wermgr.exe" "-outproc" "6588" "5648"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot

=========Mozilla firefox=========

ProfilePath - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\extensions\
cookiemgr@jayapal.com
https-everywhere@eff.org
staged
{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
{5384767E-00D9-40E9-B72F-9CC39D655D6F}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\searchplugins\
duckduckgo.xml
php-manual.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-14 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-14 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2015-02-20 63776]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"ALCKRESI.EXE"=C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [2013-04-15 388600]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-30 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-30 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-30 442352]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-16 1297624]
"Daemon for Mouse Suite"=C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [2013-03-26 87040]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-01-31 3860304]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-01-31 5456720]
"PasswordManager"=C:\Program Files\Lenovo\Password Manager\password_manager.exe [2015-02-20 1792800]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-11-21 36352]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-02 2823848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-06-27 1516496]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"PeerBlock"=C:\Program Files\PeerBlock\peerblock.exe [2014-01-14 2513992]
"HlidacKatastru"=C:\Program Files (x86)\Hlídač katastru\DRM.WinKlient.exe [2014-05-16 2268672]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"SoftonicAssistant"=C:\Users\T420\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [2014-11-11 1829832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-30 55808]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-26 5227112]
"Nástroj WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2012-09-06 1688008]
"Nástroj WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2012-09-19 5236664]
"RemoteControl"=C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2006-07-12 29696]
"LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2006-05-18 49152]
"MobileAccess"=C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [2013-01-23 155864]
"ACWLIcon"=C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe [2015-02-20 198944]
"ACTray"=C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe [2015-02-20 432416]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2015-03-02 136992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-01 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-13 23:05:30 ----D---- C:\Program Files\trend micro
2015-03-13 23:05:28 ----D---- C:\rsit
2015-03-13 22:55:34 ----D---- C:\Windows\erdnt
2015-03-13 22:54:12 ----SD---- C:\32788R22FWJFW
2015-03-12 22:55:02 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-12 22:54:58 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-07 18:39:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-02 00:28:25 ----D---- C:\ProgramData\Synaptics
2015-03-02 00:28:25 ----A---- C:\Windows\SYSWOW64\SynCom.dll
2015-03-02 00:28:25 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-02 00:28:25 ----A---- C:\Windows\system32\SynTPCo20.dll
2015-03-02 00:28:25 ----A---- C:\Windows\system32\SynTPAPI.dll
2015-03-02 00:28:25 ----A---- C:\Windows\system32\drivers\SynTP.sys
2015-03-02 00:28:25 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2015-03-01 23:57:44 ----D---- C:\Windows\system32\hotspot
2015-03-01 23:51:01 ----D---- C:\Users\T420\AppData\Roaming\Intel Corporation
2015-03-01 23:37:07 ----D---- C:\ProgramData\SlimWare Utilities, Inc
2015-03-01 23:34:29 ----D---- C:\ProgramData\SlimWare Utilities Inc
2015-03-01 23:33:17 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2015-03-01 23:32:23 ----D---- C:\Program Files (x86)\SlimDrivers
2015-03-01 21:47:34 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-02-20 01:37:38 ----A---- C:\Windows\system32\SET5F91.tmp
2015-02-20 01:37:38 ----A---- C:\Windows\system32\SET5F23.tmp
2015-02-20 01:37:38 ----A---- C:\Windows\system32\SET5E19.tmp
2015-02-20 01:37:38 ----A---- C:\Windows\system32\drivers\SET5CE0.tmp
2015-02-20 01:36:49 ----D---- C:\Program Files\Common Files\SPBA
2015-02-20 01:36:46 ----D---- C:\Program Files\ThinkVantage Fingerprint Software
2015-02-20 01:22:18 ----D---- C:\ProgramData\Intel
2015-02-20 01:21:45 ----D---- C:\Program Files\Common Files\Intel
2015-02-20 01:21:36 ----D---- C:\Program Files (x86)\Cisco
2015-02-20 01:18:57 ----D---- C:\Users\T420\AppData\Roaming\Lenovo
2015-02-20 01:12:25 ----A---- C:\Windows\system32\SETF386.tmp
2015-02-20 01:12:25 ----A---- C:\Windows\system32\SETE88C.tmp
2015-02-20 01:11:37 ----A---- C:\Windows\launchpw.cmd
2015-02-20 01:10:47 ----A---- C:\Windows\Delfg.cmd
2015-02-20 01:10:26 ----A---- C:\Windows\systemtype.txt
2015-02-20 01:10:13 ----A---- C:\Windows\SYSWOW64\mfcm110u.dll
2015-02-20 01:10:13 ----A---- C:\Windows\SYSWOW64\mfcm110.dll
2015-02-20 01:10:13 ----A---- C:\Windows\SYSWOW64\mfc110u.dll
2015-02-20 01:10:12 ----A---- C:\Windows\SYSWOW64\mfc110.dll
2015-02-20 01:06:31 ----D---- C:\ProgramData\Intel(R) Update Manager
2015-02-20 01:04:11 ----D---- C:\Program Files\Intel Corporation
2015-02-20 00:58:53 ----SHD---- C:\Config.Msi
2015-02-20 00:33:20 ----A---- C:\Windows\system32\powertracker.dll
2015-02-20 00:33:19 ----A---- C:\Windows\system32\wdi.dll
2015-02-20 00:33:19 ----A---- C:\Windows\system32\perftrack.dll
2015-02-20 00:33:18 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-16 21:40:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-16 21:40:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-16 21:40:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-16 21:40:53 ----A---- C:\Windows\system32\jscript9.dll
2015-02-15 23:40:37 ----A---- C:\Windows\system32\invagent.dll
2015-02-15 23:40:37 ----A---- C:\Windows\system32\generaltel.dll
2015-02-15 23:40:37 ----A---- C:\Windows\system32\appraiser.dll
2015-02-15 23:40:37 ----A---- C:\Windows\system32\aeinv.dll
2015-02-15 23:40:36 ----A---- C:\Windows\system32\devinv.dll
2015-02-15 23:40:36 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-15 23:40:35 ----A---- C:\Windows\system32\aepic.dll
2015-02-15 23:40:35 ----A---- C:\Windows\system32\aepdu.dll
2015-02-15 23:40:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-15 23:40:26 ----A---- C:\Windows\system32\schannel.dll
2015-02-15 23:40:25 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-15 23:40:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-15 23:40:25 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-15 23:40:25 ----A---- C:\Windows\system32\kerberos.dll
2015-02-15 23:40:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-15 23:40:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-15 23:40:24 ----A---- C:\Windows\system32\wdigest.dll
2015-02-15 23:40:24 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-15 23:40:24 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-15 23:40:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-15 23:40:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-15 23:40:23 ----A---- C:\Windows\system32\credssp.dll
2015-02-15 23:39:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-15 23:39:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-15 23:39:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-15 23:39:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-15 23:39:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-15 23:39:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-15 23:39:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-15 23:39:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-15 23:39:45 ----A---- C:\Windows\system32\iernonce.dll
2015-02-15 23:39:45 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-15 23:39:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-15 23:39:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-15 23:39:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-15 23:39:44 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-15 23:39:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-15 23:39:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-15 23:39:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-15 23:39:42 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-15 23:39:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-15 23:39:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-15 23:39:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-15 23:39:41 ----A---- C:\Windows\system32\urlmon.dll
2015-02-15 23:39:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-15 23:39:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-15 23:39:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-15 23:39:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-15 23:39:40 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-15 23:39:40 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-15 23:39:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-15 23:39:38 ----A---- C:\Windows\system32\iesetup.dll
2015-02-15 23:39:38 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-15 23:39:35 ----A---- C:\Windows\system32\iertutil.dll
2015-02-15 23:39:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-15 23:39:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-15 23:39:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-15 23:39:33 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-15 23:39:33 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-15 23:39:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-15 23:39:31 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-15 23:39:30 ----A---- C:\Windows\system32\ieui.dll
2015-02-15 23:39:29 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-15 23:39:29 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-15 23:39:29 ----A---- C:\Windows\system32\ieframe.dll
2015-02-15 23:39:24 ----A---- C:\Windows\system32\vbscript.dll
2015-02-15 23:39:23 ----A---- C:\Windows\system32\wininet.dll
2015-02-15 23:39:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-15 23:39:21 ----A---- C:\Windows\system32\msrating.dll
2015-02-15 23:39:19 ----A---- C:\Windows\system32\mshtml.dll
2015-02-15 23:38:44 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-15 23:38:43 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-15 23:38:34 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-15 23:38:34 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-15 23:38:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-15 23:38:34 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-15 23:38:34 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-15 23:38:34 ----A---- C:\Windows\system32\adtschema.dll
2015-02-15 23:38:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-15 23:38:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-15 23:38:33 ----A---- C:\Windows\system32\sspicli.dll
2015-02-15 23:38:33 ----A---- C:\Windows\system32\secur32.dll
2015-02-15 23:38:33 ----A---- C:\Windows\system32\lsass.exe
2015-02-15 23:38:33 ----A---- C:\Windows\system32\auditpol.exe
2015-02-15 23:38:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-15 23:38:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-15 23:38:32 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-15 23:38:32 ----A---- C:\Windows\system32\msobjs.dll
2015-02-15 23:38:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-15 23:38:31 ----A---- C:\Windows\system32\msaudite.dll
2015-02-15 23:38:03 ----A---- C:\Windows\system32\wintrust.dll
2015-02-15 23:38:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-15 23:38:03 ----A---- C:\Windows\system32\crypt32.dll
2015-02-15 23:38:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-15 23:38:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-15 23:38:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-15 23:37:02 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-15 23:37:02 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-15 23:35:51 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-15 23:35:51 ----A---- C:\Windows\system32\scesrv.dll
2015-02-15 23:35:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-15 23:35:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-15 23:35:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-15 23:35:31 ----A---- C:\Windows\system32\srcore.dll
2015-02-15 23:35:30 ----A---- C:\Windows\system32\rstrui.exe
2015-02-15 23:35:29 ----A---- C:\Windows\system32\srclient.dll
2015-02-15 23:35:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-15 23:33:39 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-13 23:05:30 ----RD---- C:\Program Files
2015-03-13 23:05:24 ----D---- C:\Windows\Temp
2015-03-13 22:55:34 ----D---- C:\Windows
2015-03-13 22:31:17 ----D---- C:\Windows\system32\MRT
2015-03-13 22:31:13 ----D---- C:\Windows\debug
2015-03-13 22:29:48 ----A---- C:\Windows\system32\MRT.exe
2015-03-13 22:27:06 ----D---- C:\Windows\winsxs
2015-03-13 22:20:37 ----D---- C:\Windows\System32
2015-03-13 22:20:36 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 22:18:18 ----D---- C:\Windows\SysWOW64
2015-03-13 22:17:00 ----SHD---- C:\System Volume Information
2015-03-13 22:10:10 ----D---- C:\Windows\system32\config
2015-03-13 22:03:00 ----D---- C:\ProgramData\Spyware Terminator
2015-03-13 21:56:38 ----D---- C:\Windows\system32\drivers
2015-03-13 21:56:37 ----D---- C:\Windows\inf
2015-03-13 21:54:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-13 00:34:46 ----D---- C:\Program Files (x86)\Password Safe
2015-03-12 23:27:11 ----D---- C:\Windows\system32\Tasks
2015-03-12 23:27:11 ----D---- C:\Program Files (x86)\Opera
2015-03-12 22:51:46 ----D---- C:\Windows\system32\catroot2
2015-03-07 23:30:41 ----D---- C:\Program Files (x86)\PSPad editor
2015-03-07 23:16:09 ----RD---- C:\Program Files (x86)
2015-03-07 23:16:09 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2015-03-07 11:05:21 ----N---- C:\Windows\system32\MpSigStub.exe
2015-03-07 00:48:42 ----D---- C:\Windows\system32\NDF
2015-03-03 01:08:19 ----D---- C:\Windows\Prefetch
2015-03-03 01:08:13 ----D---- C:\Program Files\HeidiSQL
2015-03-02 17:55:55 ----D---- C:\Windows\rescache
2015-03-02 16:28:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-02 16:19:30 ----D---- C:\Windows\system32\catroot
2015-03-02 16:18:03 ----SHD---- C:\Windows\Installer
2015-03-02 16:17:52 ----D---- C:\Program Files\Intel
2015-03-02 16:17:52 ----D---- C:\Program Files (x86)\Intel
2015-03-02 16:16:39 ----D---- C:\Windows\system32\DriverStore
2015-03-02 16:16:18 ----D---- C:\Windows\SYSWOW64\drivers
2015-03-02 16:15:43 ----A---- C:\Windows\SYSWOW64\log.txt
2015-03-02 15:41:29 ----D---- C:\DRIVERS
2015-03-02 00:28:25 ----HD---- C:\ProgramData
2015-03-02 00:28:07 ----A---- C:\Windows\system32\SynCOM.dll
2015-03-01 23:53:27 ----D---- C:\Program Files (x86)\Common Files
2015-03-01 23:51:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-03-01 23:39:45 ----A---- C:\Windows\system32\PROUnstl.exe
2015-03-01 23:33:51 ----D---- C:\Windows\Tasks
2015-02-22 21:02:17 ----D---- C:\Windows\tracing
2015-02-22 20:43:22 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-22 20:43:22 ----D---- C:\Windows\system32\en-US
2015-02-20 01:45:03 ----RSD---- C:\Windows\assembly
2015-02-20 01:45:03 ----D---- C:\Windows\Microsoft.NET
2015-02-20 01:43:46 ----RSD---- C:\Windows\Media
2015-02-20 01:43:32 ----N---- C:\Windows\PWMBTHLV.EXE
2015-02-20 01:39:54 ----D---- C:\Windows\Downloaded Installations
2015-02-20 01:38:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-20 01:36:49 ----D---- C:\Program Files\Common Files
2015-02-20 01:24:28 ----D---- C:\ProgramData\Package Cache
2015-02-20 01:20:52 ----D---- C:\ProgramData\Lenovo
2015-02-20 01:14:24 ----D---- C:\Program Files (x86)\Lenovo
2015-02-20 01:10:45 ----D---- C:\Program Files\Lenovo
2015-02-20 01:10:38 ----D---- C:\Windows\Help
2015-02-20 00:31:00 ----D---- C:\ProgramData\Oracle
2015-02-20 00:22:09 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-02-20 00:20:21 ----D---- C:\Program Files (x86)\Java
2015-02-16 16:30:07 ----D---- C:\Users\T420\AppData\Roaming\vlc
2015-02-16 03:30:48 ----SD---- C:\Windows\system32\CompatTel
2015-02-16 03:30:46 ----D---- C:\Windows\system32\appraiser
2015-02-16 03:30:41 ----D---- C:\Windows\system32\cs-CZ
2015-02-16 03:30:38 ----D---- C:\Program Files\Internet Explorer
2015-02-16 03:30:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-16 03:29:52 ----D---- C:\Windows\PolicyDefinitions
2015-02-15 23:16:59 ----D---- C:\Program Files (x86)\Spyware Terminator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-14 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-14 267632]
R0 DzHDD64;DzHDD64; C:\Windows\System32\DRIVERS\DzHDD64.sys [2014-11-14 29512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-05-30 569152]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-21 28008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R0 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-06-27 231376]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-14 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-14 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-14 436624]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-01-30 20184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-01-30 792648]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-01-30 45880]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 Ext2Fsd;Linux ext2 file system driver; C:\Windows\system32\drivers\Ext2Fsd.sys [2014-05-11 769304]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2015-01-15 26528]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-01-30 104608]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2014-11-14 20736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-14 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-14 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-14 116728]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-06-29 51496]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2014-03-25 1588440]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2015-03-01 495376]
R3 ecnssndis; Mobile Broadband Driver; C:\Windows\System32\Drivers\wwuss64.sys [2011-06-13 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\Windows\System32\Drivers\wwussf64.sys [2011-06-13 30248]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2010-08-05 218624]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-01 5363200]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-07 342528]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2015-02-20 25528]
R3 l36wgps; Mobile Broadband GPS Port; C:\Windows\system32\DRIVERS\l36wgps64.sys [2011-07-01 101416]
R3 Mbm3CBus;F5521gw Mobile Broadband Device (WDM); C:\Windows\system32\DRIVERS\Mbm3CBus.sys [2011-04-29 419400]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM); C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [2011-04-29 430664]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [2011-04-29 19528]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [2011-04-29 483400]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 129312]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2014-07-01 11524096]
R3 phidmice;USB Mouse Low Filter WU Driver; C:\Windows\system32\DRIVERS\phidmice.sys [2013-03-26 34816]
R3 pmouself;Mouse Suite WU Driver; C:\Windows\system32\DRIVERS\pmouself.sys [2013-03-26 23040]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-07-19 40248]
R3 pvendrlf;Mouse Suite I/O WU Driver; C:\Windows\system32\DRIVERS\pvendrlf.sys [2013-03-26 12288]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-02 32936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-02 567464]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 usb3Hub;UoIP Hub; C:\Windows\system32\DRIVERS\usb3Hub.sys [2015-02-20 206744]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-04 166016]
S3 ALSysIO;ALSysIO; \??\C:\Users\T420\AppData\Local\Temp\ALSysIO64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-02-20 35256]
S3 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-04-18 36600]
S3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [2014-01-14 22600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-03-13 13920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2015-02-20 133408]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2015-02-20 272672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-14 50344]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-02-16 7618952]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2012-06-08 201376]
R2 DirMngr;DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2013-10-07 218112]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-02-20 638880]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-03-02 158496]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-03-02 409376]
R2 MacheenService;Macheen Service; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [2013-01-23 29920]
R2 PelService;Session Launcher Service; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2012-03-13 178688]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-02-20 157088]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 SROSVC;Screen Reading Optimizer Service Program; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2015-02-20 446800]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-01-31 3037520]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2015-02-20 1668848]
S2 CAMService;CAM Service; C:\Program Files\Intel\CAM\bin\CAMService.exe [2015-02-20 1243344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-02-16 2265304]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-30 279024]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2015-02-20 319536]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-03-02 887256]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [2015-01-15 619776]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-07 148080]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-02-20 268192]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2015-02-20 1664752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2015-01-15 49648]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim



V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Dobrý den. Něco to asi udělalo, protože využití procesoru je 20-60% a ne 100%.

Log:
# AdwCleaner v4.112 - Logfile created 14/03/2015 at 11:58:01
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : T420 - T420-PC
# Running from : C:\Users\T420\Desktop\Security and utils\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\T420\AppData\Local\SoftonicAssistant
Folder Deleted : C:\Users\T420\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\T420\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
File Deleted : C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\bloodyvikings@ffs.bplaced.net.xpi
File Deleted : C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\foxydeal.sqlite

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.1 (x86 cs)


-\\ Google Chrome v41.0.2272.89


-\\ Comodo Dragon v36.1.1.21

[C:\Users\T420\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja

-\\ Opera v28.0.1750.40


*************************

AdwCleaner[R0].txt - [1911 bytes] - [14/03/2015 10:21:16]
AdwCleaner[R1].txt - [1970 bytes] - [14/03/2015 11:45:53]
AdwCleaner[S0].txt - [1840 bytes] - [14/03/2015 11:58:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1899 bytes] ##########

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin

Dobrý večer. tak jsem to provedl. Hodina a půl, bál jsem se, že to bude do půlnoci. Ale ne

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14.3.2015
Scan Time: 19:42:10
Logfile: mbam_log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.14.04
Rootkit Database: v2015.02.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: T420

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 595363
Time Elapsed: 1 hr, 27 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 4
PUP.Optional.OpenCandy, C:\Users\T420\Downloads\AxCrypt-1.7.3156.0-Setup.exe, , [5b11b2938ffbb77fc7691ef1eb1ba858],
PUP.Optional.Softonic, C:\Users\T420\Downloads\SoftonicDownloader_for_password-safe.exe, , [c8a49aab59316bcb5d70afab887837c9],
PUP.Optional.Softonic, C:\VTRoot\HarddiskVolume2\USERS\T420\Downloads\SoftonicDownloader_for_password-safe.exe, , [0567c283404a26105677154544bc52ae],
PUP.Optional.Softonic.A, G:\instalace_programu\UTILITY\SoftonicDownloader_for_double-driver.exe, , [bcb04005aedc00360c7892b929d835cb],

Physical Sectors: 0
(No malicious items detected)


(end)

Nalezy smazte/presunte do karanteny.

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Dobrý den. Ten soubor jsem nemohl stáhnout i když sem vypnul štíty avastu (jednou jsme to zkusil bez jejich vypnutí) a potom se to pořád chovalo jako by Avast byl aktivní. Vypnul jsem ho v Task manageru a ani pak to nešlo. Nakonec to klaplo v jiném prohlířeči.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by T420 (administrator) on T420-PC on 15-03-2015 16:18:36
Running from C:\Users\T420\Desktop
Loaded Profiles: T420 (Available profiles: T420)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
() C:\Program Files (x86)\Hlídač katastru\DRM.WinKlient.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\PELMICED.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\T420\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63776 2015-02-20] (Lenovo)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2014-02-17] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297624 2015-02-16] (COMODO)
HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [87040 2013-03-26] (Primax Electronics Ltd.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-01-31] (Crawler Group)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-01-31] (Crawler Group)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2015-02-20] (Lenovo Group Limited)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-03-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM-x32\...\Run: [Nástroj WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [Nástroj WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [29696 2006-07-12] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [49152 2006-05-18] ()
HKLM-x32\...\Run: [MobileAccess] => C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155864 2013-01-23] (Lenovo)
HKLM-x32\...\Run: [ACWLIcon] => C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe [198944 2015-02-20] (Lenovo)
HKLM-x32\...\Run: [ACTray] => C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe [432416 2015-02-20] (Lenovo)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2015-03-02] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2014-06-27] (TrueCrypt Foundation)
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [HlidacKatastru] => C:\Program Files (x86)\Hlídač katastru\DRM.WinKlient.exe [2268672 2014-05-16] ()
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [SoftonicAssistant] => "C:\Users\T420\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\MATRIX~1.SCR [3013120 2009-02-09] (KellySoftware)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-14] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-14] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
Hosts: 127.0.0.1 http://www.caslavsko3.loc
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default
FF Homepage: http://www.google.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2014-07-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\searchplugins\duckduckgo.xml [2014-08-14]
FF SearchPlugin: C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\searchplugins\php-manual.xml [2014-07-10]
FF Extension: Advanced Cookie Manager - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\cookiemgr@jayapal.com [2014-12-17]
FF Extension: HTTPS-Everywhere - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\https-everywhere@eff.org [2014-10-22]
FF Extension: Empty Cache Button - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-18]
FF Extension: EPUBReader - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-02-16]
FF Extension: FireFTP - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-31]
FF Extension: Disconnect - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\2.0@disconnect.me.xpi [2014-07-20]
FF Extension: Ageless - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\2341n4m3@gmail.com.xpi [2014-07-27]
FF Extension: Add Bookmark Here ² - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\abhere2@moztw.org.xpi [2014-07-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-07-02]
FF Extension: Selenium IDE: C# Formatters - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\csharpformatters@seleniumhq.org.xpi [2014-07-02]
FF Extension: Firebug - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\firebug@software.joehewitt.com.xpi [2014-07-02]
FF Extension: Bookmarks Checker - check for bad links - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\firefoxbookmarkchecker@everhelper.me.xpi [2014-07-04]
FF Extension: FireLogger - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\firelogger@hildebrand.cz.xpi [2014-07-10]
FF Extension: FirePHP - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\FirePHPExtension-Build@firephp.org.xpi [2014-07-10]
FF Extension: ProxTube - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: Selenium IDE: Java Formatters - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\javaformatters@seleniumhq.org.xpi [2014-07-02]
FF Extension: DuckDuckGo Plus - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-08-14]
FF Extension: Memory Restart - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\memoryrestart@teamextension.com.xpi [2014-09-24]
FF Extension: Open With - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\openwith@darktrojan.net.xpi [2014-07-02]
FF Extension: PHP Developer Toolbar - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\php_dev_bar@php_dev_bar.org.xpi [2014-07-10]
FF Extension: Print Edit - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\printedit@DW-dev.xpi [2014-07-02]
FF Extension: Selenium IDE: Python Formatters - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\pythonformatters@seleniumhq.org.xpi [2014-07-02]
FF Extension: Regular Expressions Tester - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\regexptester@sebastianzartner.ath.cx.xpi [2014-09-24]
FF Extension: Selenium IDE: Ruby Formatters - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\rubyformatters@seleniumhq.org.xpi [2014-07-02]
FF Extension: SQL Inject Me - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\sqlime@security.compass.xpi [2014-11-07]
FF Extension: Wappalyzer - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\wappalyzer@crunchlabz.com.xpi [2014-07-02]
FF Extension: XSS Me - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\xssme@security.compass.xpi [2014-11-07]
FF Extension: Copy As Plain Text - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{1a5dabbd-0e74-41da-b532-a364bb552cab}.xpi [2014-11-07]
FF Extension: Quick Translator - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-07-27]
FF Extension: NoScript - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-02]
FF Extension: Selenium IDE - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2014-07-02]
FF Extension: Video DownloadHelper - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Web Developer - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-07-02]
FF Extension: eCleaner - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi [2014-07-10]
FF Extension: Adblock Plus - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-02]
FF Extension: Greasemonkey - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-07-21]
FF Extension: QuickJava - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-07-02]
FF Extension: HackBar - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2014-11-07]
FF Extension: SEOpen - C:\Users\T420\AppData\Roaming\Mozilla\Firefox\Profiles\kj6nswbo.default\Extensions\{ff6bdc07-eed6-4815-ad95-d7938b673ab5}.xpi [2014-07-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-26]
FF HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2015-02-20]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Drive) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]
CHR Extension: (YouTube) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]
CHR Extension: (Google Search) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]
CHR Extension: (avast! Online Security) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-27]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2015-02-22]
CHR Extension: (Google Wallet) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\T420\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-14] (AVAST Software)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2015-02-20] (Intel® Corporation)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-02-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-02-16] (COMODO)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2015-02-20] (Lenovo.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2015-03-02] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-03-02] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [29920 2013-01-23] (Macheen)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-02-20] ()
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [178688 2012-03-13] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] () [File not signed]
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2015-02-20] (Lenovo Group Limited)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-01-31] (Crawler Group)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [49648 2015-01-15] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-02-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-14] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-14] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2015-01-30] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-01-30] (COMODO)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB)
R1 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769304 2014-05-11] (http://www.ext2fsd.com)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2015-01-15] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-01-30] (COMODO)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
S3 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 phidmice; C:\Windows\System32\DRIVERS\phidmice.sys [34816 2013-03-26] (TPMX Electronics Ltd.)
R3 pmouself; C:\Windows\System32\DRIVERS\pmouself.sys [23040 2013-03-26] (TPMX Electronics Ltd.)
R3 pvendrlf; C:\Windows\System32\DRIVERS\pvendrlf.sys [12288 2013-03-26] (TPMX Electronics Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-03-02] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-06-29] (Windows (R) Win 7 DDK provider)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2015-03-15] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2015-02-20] (Windows (R) Win 7 DDK provider)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\T420\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 16:18 - 2015-03-15 16:19 - 00032658 _____ () C:\Users\T420\Desktop\FRST.txt
2015-03-15 16:18 - 2015-03-15 16:18 - 00000000 ____D () C:\FRST
2015-03-15 16:16 - 2015-03-15 16:16 - 00015327 _____ () C:\Users\T420\Desktop\LM.bat
2015-03-15 16:12 - 2015-03-15 16:12 - 00112640 _____ (forum.viry.cz) C:\Users\T420\Desktop\FRSTLauncher.exe
2015-03-15 15:50 - 2015-03-15 15:51 - 02095616 _____ (Farbar) C:\Users\T420\Desktop\FRST64.exe
2015-03-15 15:39 - 2015-03-15 15:39 - 00000021 _____ () C:\Windows\S.dirmngr
2015-03-14 23:42 - 2015-03-14 23:43 - 00285696 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2015-03-14 23:41 - 2015-03-14 23:42 - 00289770 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2015-03-14 23:41 - 2015-03-14 23:41 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-03-14 23:16 - 2015-03-14 23:17 - 05455635 _____ ( ) C:\Users\T420\Downloads\i-free-dvd-to-avi-converter.exe
2015-03-14 22:45 - 2015-03-14 22:45 - 00000000 ____D () C:\Users\T420\AppData\Local\GNU
2015-03-14 22:44 - 2015-03-14 22:44 - 00000000 ____D () C:\Users\T420\AppData\Roaming\.kde
2015-03-14 19:36 - 2015-03-15 15:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-14 19:34 - 2015-03-14 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-14 19:34 - 2015-03-14 19:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-14 19:34 - 2015-03-14 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-14 19:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-14 19:34 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-14 19:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-14 19:28 - 2015-03-14 19:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\T420\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-14 12:41 - 2015-03-14 12:41 - 58447196 _____ (Core Services) C:\Users\T420\Downloads\install-ietester-v0.5.4.exe
2015-03-14 10:21 - 2015-03-14 11:58 - 00000000 ____D () C:\AdwCleaner
2015-03-14 00:55 - 2015-03-14 01:12 - 00000000 ____D () C:\Users\T420\AppData\Roaming\Nero
2015-03-14 00:27 - 2015-03-14 00:29 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-03-14 00:24 - 2015-03-14 00:47 - 00002716 _____ () C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2015-03-14 00:24 - 2015-03-14 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-03-14 00:23 - 2015-03-14 00:25 - 00000000 ____D () C:\ProgramData\Nero
2015-03-13 23:57 - 2015-03-13 23:57 - 59902132 _____ (Oleg N. Scherbakov) C:\Users\T420\Downloads\Nero-9.4.12.3_free-notoolbar.exe
2015-03-13 23:05 - 2015-03-13 23:06 - 00000000 ____D () C:\rsit
2015-03-13 23:05 - 2015-03-13 23:05 - 00000000 ____D () C:\Program Files\trend micro
2015-03-13 22:55 - 2015-03-13 22:55 - 00000000 ____D () C:\Windows\erdnt
2015-03-13 22:54 - 2015-03-13 23:00 - 00000000 ___SD () C:\32788R22FWJFW
2015-03-13 21:54 - 2015-03-15 15:56 - 00001491 _____ () C:\Windows\setupact.log
2015-03-13 21:54 - 2015-03-15 15:38 - 00002616 _____ () C:\Windows\PFRO.log
2015-03-13 21:54 - 2015-03-13 21:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-12 23:16 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 23:16 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-12 23:16 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-12 23:16 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 23:16 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-12 23:16 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-12 23:16 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-12 23:16 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-12 23:16 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-12 23:16 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 23:16 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-12 23:13 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-12 23:13 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-12 23:13 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-12 23:13 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-12 23:13 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-12 23:13 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-12 23:13 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-12 23:13 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-12 23:13 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-12 23:13 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-12 23:13 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-12 23:13 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-12 23:13 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-12 23:13 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-12 23:13 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-12 23:13 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-12 23:13 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-12 23:13 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-12 23:12 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-12 23:12 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-12 23:12 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-12 23:12 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-12 23:12 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-12 23:12 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-12 23:12 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-12 23:12 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-12 23:12 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-12 23:12 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-12 23:12 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-12 23:12 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-12 23:12 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-12 23:12 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-12 23:12 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-12 23:12 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-12 23:12 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-12 23:11 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-12 23:11 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-12 23:06 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-12 23:06 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-12 23:06 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-12 23:01 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-12 23:01 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-12 23:00 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-12 23:00 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-12 22:59 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 22:59 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-12 22:59 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-12 22:59 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-12 22:59 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-12 22:59 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-12 22:59 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-12 22:59 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-12 22:59 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-12 22:59 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-12 22:59 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-12 22:59 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 22:58 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-12 22:58 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 22:58 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-12 22:58 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-12 22:57 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 22:57 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-12 22:56 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-12 22:56 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-12 22:56 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-12 22:56 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-12 22:56 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-12 22:56 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-12 22:56 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-12 22:56 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-12 22:56 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-12 22:56 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-12 22:56 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-12 22:56 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-12 22:56 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-12 22:56 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-12 22:56 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-12 22:56 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-12 22:56 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-12 22:56 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-12 22:56 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-12 22:56 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-12 22:56 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-12 22:56 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-12 22:56 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-12 22:56 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-12 22:56 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-12 22:56 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-12 22:56 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-12 22:56 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-12 22:56 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-12 22:56 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-12 22:56 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 22:56 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-12 22:55 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-12 22:55 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-12 22:55 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-12 22:55 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-12 22:55 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-12 22:55 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-12 22:55 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-12 22:55 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-12 22:55 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-12 22:55 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-12 22:55 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-12 22:55 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-12 22:55 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-12 22:55 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-12 22:55 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-12 22:55 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-12 22:55 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-12 22:55 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-12 22:55 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-12 22:55 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-12 22:55 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-12 22:55 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-12 22:55 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-12 22:55 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-12 22:55 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-12 22:55 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-12 22:55 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 22:54 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-07 23:28 - 2015-03-07 23:28 - 00990536 _____ () C:\Users\T420\Downloads\php_enhanced_en.chw
2015-03-07 18:39 - 2015-03-07 18:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 00:26 - 2015-03-03 00:26 - 04073656 _____ (Jan Fiala ) C:\Users\T420\Downloads\pspad459inst_cz.exe
2015-03-02 16:17 - 2015-03-15 15:42 - 00127095 _____ () C:\Windows\SysWOW64\Gms.log
2015-03-02 16:16 - 2015-03-02 16:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-02 15:39 - 2015-03-02 15:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-03-02 00:30 - 2015-03-02 00:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-03-02 00:28 - 2015-03-02 00:28 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-02 00:28 - 2015-03-02 00:28 - 00567464 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-03-02 00:28 - 2015-03-02 00:28 - 00405672 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-03-02 00:28 - 2015-03-02 00:28 - 00254632 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-03-02 00:28 - 2015-03-02 00:28 - 00208040 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll
2015-03-02 00:28 - 2015-03-02 00:28 - 00032936 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-03-02 00:28 - 2015-03-02 00:28 - 00000000 ____D () C:\ProgramData\Synaptics
2015-03-01 23:57 - 2015-03-01 23:57 - 00000000 ____D () C:\Windows\system32\hotspot
2015-03-01 23:56 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-01 23:56 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-01 23:51 - 2015-03-01 23:51 - 00000000 ____D () C:\Users\T420\AppData\Roaming\Intel Corporation
2015-03-01 23:42 - 2015-03-01 23:42 - 00000000 ____D () C:\Users\T420\Intel
2015-03-01 23:37 - 2015-03-01 23:37 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-03-01 23:34 - 2015-03-01 23:34 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-03-01 23:33 - 2015-03-15 15:47 - 00002832 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2015-03-01 23:33 - 2015-03-15 15:47 - 00000408 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-03-01 23:33 - 2015-03-15 15:45 - 00013920 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-03-01 23:33 - 2015-03-01 23:33 - 00000000 ____D () C:\Users\T420\AppData\Local\Downloaded Installers
2015-03-01 23:32 - 2015-03-01 23:33 - 00000000 ____D () C:\Users\T420\AppData\Local\SlimWare Utilities Inc
2015-03-01 23:31 - 2015-03-01 23:31 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-03-01 23:30 - 2015-03-01 23:30 - 00928072 _____ (SlimWare Utilities, Inc.) C:\Users\T420\Downloads\SlimDrivers-setup.exe
2015-03-01 23:23 - 2015-03-12 23:27 - 00003828 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403827600
2015-03-01 21:47 - 2015-03-01 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-22 20:46 - 2015-02-22 20:46 - 00000000 _____ () C:\Users\T420\AppData\Local\{D7244E79-25D6-4276-B27D-A990FE4ED5C0}
2015-02-20 01:44 - 2015-02-20 01:44 - 00003020 _____ () C:\Windows\System32\Tasks\PMTask
2015-02-20 01:37 - 2014-11-07 17:43 - 00084208 _____ (Lenovo.) C:\Windows\system32\SET5E19.tmp
2015-02-20 01:37 - 2014-11-07 17:43 - 00072432 _____ (Lenovo.) C:\Windows\system32\SET5F91.tmp
2015-02-20 01:37 - 2014-11-07 17:43 - 00060112 _____ (Lenovo.) C:\Windows\system32\Drivers\SET5CE0.tmp
2015-02-20 01:37 - 2014-11-07 17:43 - 00040176 _____ (Lenovo.) C:\Windows\system32\SET5F23.tmp
2015-02-20 01:36 - 2015-02-22 20:43 - 00000000 ____D () C:\Program Files\ThinkVantage Fingerprint Software
2015-02-20 01:36 - 2015-02-20 01:36 - 00000000 ____D () C:\Program Files\Common Files\SPBA
2015-02-20 01:22 - 2015-03-02 16:16 - 00000000 ____D () C:\ProgramData\Intel
2015-02-20 01:21 - 2015-02-20 01:21 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-02-20 01:21 - 2015-02-20 01:21 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-02-20 01:18 - 2015-02-20 01:18 - 00000000 ____D () C:\Users\T420\AppData\Roaming\Lenovo
2015-02-20 01:12 - 2015-02-20 01:12 - 00224496 _____ (Synaptics Incorporated) C:\Windows\system32\SETE88C.tmp
2015-02-20 01:12 - 2015-02-20 01:12 - 00173808 _____ (Synaptics Incorporated) C:\Windows\system32\SETF386.tmp
2015-02-20 01:11 - 2015-02-20 01:11 - 00000146 _____ () C:\Windows\launchpw.cmd
2015-02-20 01:10 - 2015-02-20 01:10 - 04456520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc110u.dll
2015-02-20 01:10 - 2015-02-20 01:10 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc110.dll
2015-02-20 01:10 - 2015-02-20 01:10 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110u.dll
2015-02-20 01:10 - 2015-02-20 01:10 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcm110.dll
2015-02-20 01:10 - 2015-02-20 01:10 - 00001577 _____ () C:\Windows\Delfg.cmd
2015-02-20 01:10 - 2015-02-20 01:10 - 00000006 _____ () C:\Windows\systemtype.txt
2015-02-20 01:09 - 2015-02-20 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2015-02-20 01:07 - 2015-02-20 01:07 - 00003864 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2
2015-02-20 01:07 - 2015-02-20 01:07 - 00003616 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon
2015-02-20 01:06 - 2015-02-20 01:06 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2015-02-20 01:05 - 2015-02-20 01:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_usb3Hub_01009.Wdf
2015-02-20 01:05 - 2015-02-20 01:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iwdbus_01009.Wdf
2015-02-20 01:04 - 2015-02-20 01:04 - 00002022 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2015-02-20 01:04 - 2015-02-20 01:04 - 00002010 _____ () C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2015-02-20 01:04 - 2015-02-20 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-02-20 01:04 - 2015-02-20 01:04 - 00000000 ____D () C:\Program Files\Intel Corporation
2015-02-20 01:01 - 2015-02-20 01:07 - 00033142 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20150220.010115.wdl
2015-02-20 00:33 - 2015-02-20 00:33 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-20 00:33 - 2015-02-20 00:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-20 00:33 - 2015-02-20 00:33 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-20 00:33 - 2015-02-20 00:33 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-16 00:29 - 2015-02-16 00:29 - 00067391 _____ () C:\Users\T420\AIDS - děti odsouzené zemřít. Blog - MUDr. Leoš Středa (blog.iDNES.cz).htm
2015-02-16 00:29 - 2015-02-16 00:29 - 00000000 ____D () C:\Users\T420\AIDS - děti odsouzené zemřít. Blog - MUDr. Leoš Středa (blog.iDNES.cz)_soubory
2015-02-15 23:40 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-15 23:40 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-15 23:40 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-15 23:40 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-15 23:40 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-15 23:40 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-15 23:40 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-15 23:40 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-15 23:37 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-15 23:37 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-15 23:35 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-15 23:35 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 16:18 - 2014-09-24 16:05 - 02052844 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 15:47 - 2009-07-14 05:45 - 00032768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 15:47 - 2009-07-14 05:45 - 00032768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 15:45 - 2014-06-26 23:59 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 15:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-15 15:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SchCache
2015-03-15 15:35 - 2014-06-27 14:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-15 13:23 - 2014-06-27 00:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-14 23:06 - 2014-07-08 23:00 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5DA4BA10-CEFB-401A-9649-3E84724ED38D}
2015-03-14 22:45 - 2014-06-29 23:16 - 00000000 ____D () C:\Users\T420\AppData\Roaming\gnupg
2015-03-14 19:35 - 2014-06-27 01:19 - 00000000 ___RD () C:\Users\T420\Desktop\Security and utils
2015-03-14 19:20 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-14 19:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-14 19:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-14 12:44 - 2014-06-27 01:06 - 00001173 _____ () C:\Users\T420\Desktop\IETester.lnk
2015-03-14 12:14 - 2014-06-27 01:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-14 12:02 - 2009-07-14 05:45 - 00304744 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 01:35 - 2014-09-18 21:55 - 00000000 ____D () C:\Users\T420\AppData\Local\QupZilla
2015-03-13 23:04 - 2014-06-27 16:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 22:38 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\T420\AppData\Local\VirtualStore
2015-03-13 22:29 - 2014-06-27 16:36 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-13 22:03 - 2014-06-29 20:45 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2015-03-13 21:55 - 2009-07-14 06:08 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-13 21:54 - 2014-06-27 00:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-13 00:34 - 2015-01-02 03:43 - 00000000 ____D () C:\Program Files (x86)\Password Safe
2015-03-12 23:19 - 2015-01-14 20:43 - 00007605 _____ () C:\Users\T420\AppData\Local\Resmon.ResmonCfg
2015-03-12 23:12 - 2014-06-27 00:00 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-07 23:30 - 2014-06-27 22:15 - 00000000 ____D () C:\Program Files (x86)\PSPad editor
2015-03-07 23:18 - 2014-06-27 22:15 - 00001896 _____ () C:\Users\T420\Desktop\PSPad.lnk
2015-03-07 23:16 - 2015-01-26 21:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-03-07 21:16 - 2014-07-08 22:30 - 00000000 ____D () C:\Users\T420\AppData\Local\MobileAccess
2015-03-07 11:05 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-07 00:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-07 00:47 - 2015-01-02 03:45 - 00000000 ____D () C:\Users\T420\AppData\Local\PasswordSafe
2015-03-03 01:08 - 2014-06-28 21:57 - 00000000 ____D () C:\Program Files\HeidiSQL
2015-03-03 00:28 - 2014-06-27 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPad editor
2015-03-02 17:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-02 16:28 - 2011-04-12 09:34 - 00739764 _____ () C:\Windows\system32\perfh005.dat
2015-03-02 16:28 - 2011-04-12 09:34 - 00202536 _____ () C:\Windows\system32\perfc005.dat
2015-03-02 16:28 - 2009-07-14 06:13 - 01727956 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-02 16:17 - 2014-06-26 23:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-03-02 16:17 - 2014-06-26 23:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-02 16:17 - 2014-06-26 22:30 - 00000000 ____D () C:\Program Files\Intel
2015-03-02 00:28 - 2014-06-26 23:06 - 00746664 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-03-01 23:51 - 2014-06-26 22:44 - 01751110 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-01 23:42 - 2014-06-26 21:41 - 00000000 ____D () C:\Users\T420
2015-03-01 23:39 - 2014-06-26 22:32 - 00495376 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2015-03-01 23:39 - 2014-06-26 22:32 - 00403256 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-02-22 21:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-20 01:43 - 2014-06-26 23:07 - 02692848 ____N (Lenovo Group Limited) C:\Windows\PWMBTHLV.EXE
2015-02-20 01:43 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-02-20 01:39 - 2014-06-26 22:47 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-02-20 01:38 - 2014-06-26 22:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-20 01:36 - 2014-06-26 22:48 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-02-20 01:24 - 2014-11-19 23:34 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-20 01:20 - 2014-06-26 22:47 - 00000000 ____D () C:\ProgramData\Lenovo
2015-02-20 01:14 - 2014-06-26 22:47 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2015-02-20 01:14 - 2014-06-26 22:47 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-02-20 01:10 - 2014-06-26 23:05 - 00000000 ____D () C:\Program Files\Lenovo
2015-02-20 01:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-02-20 01:05 - 2013-11-11 18:28 - 00035256 _____ (Intel Corporation) C:\Windows\system32\Drivers\intelaud.sys
2015-02-20 01:05 - 2013-11-11 18:28 - 00025528 _____ (Intel Corporation) C:\Windows\system32\Drivers\iwdbus.sys
2015-02-20 01:04 - 2013-06-20 19:36 - 00206744 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\usb3Hub.sys
2015-02-20 00:56 - 2014-06-26 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-02-20 00:37 - 2014-06-26 22:48 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2015-02-20 00:31 - 2014-10-22 19:52 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-20 00:22 - 2014-10-22 19:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-20 00:20 - 2014-10-22 19:52 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-16 16:30 - 2014-11-12 23:30 - 00000000 ____D () C:\Users\T420\AppData\Roaming\vlc
2015-02-16 03:32 - 2014-08-02 22:50 - 00325910 _____ () C:\Windows\system32\Drivers\fvstore.dat
2015-02-16 03:30 - 2014-12-16 23:14 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-16 03:30 - 2014-06-27 17:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-16 03:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-15 23:40 - 2014-06-26 23:59 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-15 23:40 - 2014-06-26 23:59 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-15 23:40 - 2014-06-26 23:59 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 23:16 - 2014-06-29 20:45 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator

==================== Files in the root of some directories =======

2014-11-13 01:16 - 2014-11-13 01:32 - 0000298 _____ () C:\Users\T420\AppData\Roaming\FotoSketcher.ini
2014-08-25 09:22 - 2014-08-25 09:22 - 0000281 _____ () C:\Users\T420\AppData\Roaming\GPU MeterV2_Settings.ini
2014-07-09 13:01 - 2014-07-09 13:01 - 0022976 _____ (Intel Corporation) C:\Users\T420\AppData\Roaming\JomCap.dll
2014-08-25 09:22 - 2014-08-25 09:22 - 0001176 _____ () C:\Users\T420\AppData\Roaming\Network Meter_Settings.ini
2014-08-25 09:22 - 2014-08-25 09:22 - 0000016 _____ () C:\Users\T420\AppData\Roaming\Network Meter_Usage.ini
2014-10-14 22:29 - 2014-10-14 23:38 - 0000600 _____ () C:\Users\T420\AppData\Roaming\winscp.rnd
2014-11-08 21:55 - 2014-11-08 21:55 - 0000838 _____ () C:\Users\T420\AppData\Local\recently-used.xbel
2015-01-14 20:43 - 2015-03-12 23:19 - 0007605 _____ () C:\Users\T420\AppData\Local\Resmon.ResmonCfg
2014-06-30 22:25 - 2014-06-30 22:26 - 0014426 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20140630.232557.wdl
2014-06-30 22:26 - 2014-06-30 22:28 - 0015349 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20140630.232651.wdl
2014-06-30 22:29 - 2014-06-30 22:35 - 0015259 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20140630.232906.wdl
2014-11-19 21:52 - 2014-11-19 21:53 - 0015338 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20141119.215237.wdl
2014-11-19 23:00 - 2014-11-19 23:02 - 0015349 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20141119.230058.wdl
2014-11-19 23:40 - 2014-11-19 23:43 - 0020136 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20141119.234008.wdl
2015-02-20 01:01 - 2015-02-20 01:07 - 0033142 _____ () C:\Users\T420\AppData\Local\WiDiSetupLog.20150220.010115.wdl
2015-02-22 20:46 - 2015-02-22 20:46 - 0000000 _____ () C:\Users\T420\AppData\Local\{D7244E79-25D6-4276-B27D-A990FE4ED5C0}

Files to move or delete:
====================
C:\Users\T420\IP_Log_Data.js


Some content of TEMP:
====================
C:\Users\T420\AppData\Local\Temp\Quarantine.exe
C:\Users\T420\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-02 17:49

==================== End Of Log ============================

Hosts mate upraveny schvalne?

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Projdete si doplnky ve FireFoxu a nepouzivane odinstalujte/smazte. Do tech Vam zasahovat nebudu... zjistovat zdravi a reputaci kazdeho, abych Vam smazal rozsireni, ktere pouzivate, se mi nechce. Po aplikovani fixlistu (viz nize) sledujte vytizeni CPU pri spustene i pri vypnute mozille. V pripade stale velkeho vytizeni sledujte, ktere 3 procesy vyuzivaji procesor nejvice - lze to vysledovat v klasickem Task Manageru (spravce uloh) - Ctrl + Shift + Esc, karta Procesy.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-01-31] (Crawler Group)
  HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-01-31] (Crawler Group)
  HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  S3 ALSysIO; \??\C:\Users\T420\AppData\Local\Temp\ALSysIO64.sys [X]
  
  2015-03-15 16:16 - 2015-03-15 16:16 - 00015327 _____ () C:\Users\T420\Desktop\LM.bat
  2015-03-15 16:12 - 2015-03-15 16:12 - 00112640 _____ (forum.viry.cz) C:\Users\T420\Desktop\FRSTLauncher.exe
  2015-03-14 10:21 - 2015-03-14 11:58 - 00000000 ____D () C:\AdwCleaner
  2015-03-13 23:05 - 2015-03-13 23:06 - 00000000 ____D () C:\rsit
  2015-03-13 23:05 - 2015-03-13 23:05 - 00000000 ____D () C:\Program Files\trend micro
  
  CMD: del "C:\Windows\system32\SET*.tmp"
  2015-02-20 01:37 - 2014-11-07 17:43 - 00084208 _____ (Lenovo.) C:\Windows\system32\SET5E19.tmp
  2015-02-20 01:37 - 2014-11-07 17:43 - 00072432 _____ (Lenovo.) C:\Windows\system32\SET5F91.tmp
  2015-02-20 01:37 - 2014-11-07 17:43 - 00060112 _____ (Lenovo.) C:\Windows\system32\Drivers\SET5CE0.tmp
  2015-02-20 01:37 - 2014-11-07 17:43 - 00040176 _____ (Lenovo.) C:\Windows\system32\SET5F23.tmp
  
  Task: {076B12EF-EA63-41C5-89C6-BBC15A09EA1D} - System32\Tasks\{F599E6D9-054F-4CEE-911D-3CBD037369F9} => pcalua.exe -a G:\instalace_programu\grafické\irfanview_plugins_437_setup.exe -d G:\instalace_programu\grafické
  Task: {0FA31CE2-2C5E-48E7-911C-663A035110A0} - System32\Tasks\{DAEA0FC1-2B1B-4223-B645-695F6912E7BE} => pcalua.exe -a C:\Users\T420\Downloads\i2pinstall_0.9.17_windows.exe -d C:\Users\T420\Downloads
  Task: {2875BA68-628E-49EC-89B1-EFC1EB88D384} - System32\Tasks\{B8C894CE-C758-458E-A89D-89E54933E75C} => pcalua.exe -a C:\Users\T420\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\T420\Downloads
  Task: {67664F50-F0E5-460A-946A-942A4E44B9E5} - System32\Tasks\{A28CA17F-0823-4906-A17B-4918B2734BF5} => pcalua.exe -a C:\Users\T420\Downloads\Quick_n_Easy_FTP_Server_2.6.exe -d C:\Users\T420\Downloads
  Task: {6B9AB8A5-480D-45E5-9978-0F1F6B5C86CB} - System32\Tasks\{F32688EE-49BE-4A69-A3D8-5254F35AFAF2} => pcalua.exe -a "C:\Program Files (x86)\YTD\setup.exe" -d "C:\Program Files (x86)\YTD"
  Task: {712BA3BE-5D15-4758-BDAE-3F8E8BE48EF3} - System32\Tasks\{FAD4CE59-7EA3-4883-AEB4-79375792FDA0} => pcalua.exe -a C:\Users\T420\Downloads\iview438_setup.exe -d C:\Users\T420\Downloads
  Task: {87390D0B-A369-47AF-83D1-83C370A4D28B} - System32\Tasks\{D96C320B-730E-40BF-8262-5D75A822445E} => pcalua.exe -a C:\Users\T420\Downloads\ytd-1.43.exe -d C:\Users\T420\Downloads
  Task: {B035B890-3793-40D0-B0D3-D766E8A32309} - System32\Tasks\{C13BC18B-F0A4-4887-920F-4315FCFDE720} => pcalua.exe -a C:\Users\T420\Downloads\AdobeAIRInstaller.exe -d C:\Users\T420\Downloads
  Task: {DAF6F125-33F5-49E5-8BD4-0A74B29D98FA} - System32\Tasks\{6C896D01-5006-41FC-A4D7-9FFE992D3A99} => pcalua.exe -a C:\Users\T420\Downloads\irfanview_lang_czech.exe -d C:\Users\T420\Downloads
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
  
  Folder: C:\Users\T420\AppData\Local\{D7244E79-25D6-4276-B27D-A990FE4ED5C0}
  Folder: C:\32788R22FWJFW
  EmptyTemp:
  End
  

Dobrý den

Ano, Hosts mám upravený záměrně (kdysi jsem pomáhal s nějakými stránkami a mám tam jejich "lokální" verze)

Windows Defender vypnut

Nad těmi rozšířeními se zamyslím (ale vytížení procesoru firefoxem je kolem 0-4% v task manageru, s pamětí je to horší). Nicméně uvažuju o přikoupení paměti. Ale asi neco vyházím - máte pravdu, že toho polovinu nevyužívám.

Log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by T420 at 2015-03-15 22:23:40 Run:1
Running from C:\Users\T420\Desktop
Loaded Profiles: T420 (Available profiles: T420)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-01-31] (Crawler Group)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-01-31] (Crawler Group)
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S3 ALSysIO; \??\C:\Users\T420\AppData\Local\Temp\ALSysIO64.sys [X]

2015-03-15 16:16 - 2015-03-15 16:16 - 00015327 _____ () C:\Users\T420\Desktop\LM.bat
2015-03-15 16:12 - 2015-03-15 16:12 - 00112640 _____ (forum.viry.cz) C:\Users\T420\Desktop\FRSTLauncher.exe
2015-03-14 10:21 - 2015-03-14 11:58 - 00000000 ____D () C:\AdwCleaner
2015-03-13 23:05 - 2015-03-13 23:06 - 00000000 ____D () C:\rsit
2015-03-13 23:05 - 2015-03-13 23:05 - 00000000 ____D () C:\Program Files\trend micro

CMD: del "C:\Windows\system32\SET*.tmp"
2015-02-20 01:37 - 2014-11-07 17:43 - 00084208 _____ (Lenovo.) C:\Windows\system32\SET5E19.tmp
2015-02-20 01:37 - 2014-11-07 17:43 - 00072432 _____ (Lenovo.) C:\Windows\system32\SET5F91.tmp
2015-02-20 01:37 - 2014-11-07 17:43 - 00060112 _____ (Lenovo.) C:\Windows\system32\Drivers\SET5CE0.tmp
2015-02-20 01:37 - 2014-11-07 17:43 - 00040176 _____ (Lenovo.) C:\Windows\system32\SET5F23.tmp

Task: {076B12EF-EA63-41C5-89C6-BBC15A09EA1D} - System32\Tasks\{F599E6D9-054F-4CEE-911D-3CBD037369F9} => pcalua.exe -a G:\instalace_programu\grafické\irfanview_plugins_437_setup.exe -d G:\instalace_programu\grafické
Task: {0FA31CE2-2C5E-48E7-911C-663A035110A0} - System32\Tasks\{DAEA0FC1-2B1B-4223-B645-695F6912E7BE} => pcalua.exe -a C:\Users\T420\Downloads\i2pinstall_0.9.17_windows.exe -d C:\Users\T420\Downloads
Task: {2875BA68-628E-49EC-89B1-EFC1EB88D384} - System32\Tasks\{B8C894CE-C758-458E-A89D-89E54933E75C} => pcalua.exe -a C:\Users\T420\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\T420\Downloads
Task: {67664F50-F0E5-460A-946A-942A4E44B9E5} - System32\Tasks\{A28CA17F-0823-4906-A17B-4918B2734BF5} => pcalua.exe -a C:\Users\T420\Downloads\Quick_n_Easy_FTP_Server_2.6.exe -d C:\Users\T420\Downloads
Task: {6B9AB8A5-480D-45E5-9978-0F1F6B5C86CB} - System32\Tasks\{F32688EE-49BE-4A69-A3D8-5254F35AFAF2} => pcalua.exe -a "C:\Program Files (x86)\YTD\setup.exe" -d "C:\Program Files (x86)\YTD"
Task: {712BA3BE-5D15-4758-BDAE-3F8E8BE48EF3} - System32\Tasks\{FAD4CE59-7EA3-4883-AEB4-79375792FDA0} => pcalua.exe -a C:\Users\T420\Downloads\iview438_setup.exe -d C:\Users\T420\Downloads
Task: {87390D0B-A369-47AF-83D1-83C370A4D28B} - System32\Tasks\{D96C320B-730E-40BF-8262-5D75A822445E} => pcalua.exe -a C:\Users\T420\Downloads\ytd-1.43.exe -d C:\Users\T420\Downloads
Task: {B035B890-3793-40D0-B0D3-D766E8A32309} - System32\Tasks\{C13BC18B-F0A4-4887-920F-4315FCFDE720} => pcalua.exe -a C:\Users\T420\Downloads\AdobeAIRInstaller.exe -d C:\Users\T420\Downloads
Task: {DAF6F125-33F5-49E5-8BD4-0A74B29D98FA} - System32\Tasks\{6C896D01-5006-41FC-A4D7-9FFE992D3A99} => pcalua.exe -a C:\Users\T420\Downloads\irfanview_lang_czech.exe -d C:\Users\T420\Downloads
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

Folder: C:\Users\T420\AppData\Local\{D7244E79-25D6-4276-B27D-A990FE4ED5C0}
Folder: C:\32788R22FWJFW
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => value deleted successfully.
HKU\S-1-5-21-3846044139-718595797-3487076637-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
ALSysIO => Service deleted successfully.
C:\Users\T420\Desktop\LM.bat => Moved successfully.
C:\Users\T420\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.

========= del "C:\Windows\system32\SET*.tmp" =========


========= End of CMD: =========

"C:\Windows\system32\SET5E19.tmp" => File/Directory not found.
"C:\Windows\system32\SET5F91.tmp" => File/Directory not found.
C:\Windows\system32\Drivers\SET5CE0.tmp => Moved successfully.
"C:\Windows\system32\SET5F23.tmp" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{076B12EF-EA63-41C5-89C6-BBC15A09EA1D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{076B12EF-EA63-41C5-89C6-BBC15A09EA1D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F599E6D9-054F-4CEE-911D-3CBD037369F9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F599E6D9-054F-4CEE-911D-3CBD037369F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FA31CE2-2C5E-48E7-911C-663A035110A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA31CE2-2C5E-48E7-911C-663A035110A0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{DAEA0FC1-2B1B-4223-B645-695F6912E7BE} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DAEA0FC1-2B1B-4223-B645-695F6912E7BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2875BA68-628E-49EC-89B1-EFC1EB88D384}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2875BA68-628E-49EC-89B1-EFC1EB88D384}" => Key deleted successfully.
C:\Windows\System32\Tasks\{B8C894CE-C758-458E-A89D-89E54933E75C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B8C894CE-C758-458E-A89D-89E54933E75C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67664F50-F0E5-460A-946A-942A4E44B9E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67664F50-F0E5-460A-946A-942A4E44B9E5}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A28CA17F-0823-4906-A17B-4918B2734BF5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A28CA17F-0823-4906-A17B-4918B2734BF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B9AB8A5-480D-45E5-9978-0F1F6B5C86CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B9AB8A5-480D-45E5-9978-0F1F6B5C86CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F32688EE-49BE-4A69-A3D8-5254F35AFAF2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F32688EE-49BE-4A69-A3D8-5254F35AFAF2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{712BA3BE-5D15-4758-BDAE-3F8E8BE48EF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{712BA3BE-5D15-4758-BDAE-3F8E8BE48EF3}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FAD4CE59-7EA3-4883-AEB4-79375792FDA0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FAD4CE59-7EA3-4883-AEB4-79375792FDA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87390D0B-A369-47AF-83D1-83C370A4D28B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87390D0B-A369-47AF-83D1-83C370A4D28B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D96C320B-730E-40BF-8262-5D75A822445E} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D96C320B-730E-40BF-8262-5D75A822445E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B035B890-3793-40D0-B0D3-D766E8A32309}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B035B890-3793-40D0-B0D3-D766E8A32309}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C13BC18B-F0A4-4887-920F-4315FCFDE720} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C13BC18B-F0A4-4887-920F-4315FCFDE720}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAF6F125-33F5-49E5-8BD4-0A74B29D98FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAF6F125-33F5-49E5-8BD4-0A74B29D98FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6C896D01-5006-41FC-A4D7-9FFE992D3A99} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C896D01-5006-41FC-A4D7-9FFE992D3A99}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\SlimDrivers Startup.job => Moved successfully.

========================= Folder: C:\Users\T420\AppData\Local\{D7244E79-25D6-4276-B27D-A990FE4ED5C0} ========================

The path is not a directory.

========================= Folder: C:\32788R22FWJFW ========================

2013-08-15 04:57 - 2013-08-15 04:57 - 0041424 _____ () C:\32788R22FWJFW\023.dat
2010-11-26 20:07 - 2010-11-26 20:07 - 0002181 _____ () C:\32788R22FWJFW\023v.dat
2010-02-12 18:55 - 2010-02-12 18:55 - 0000660 _____ () C:\32788R22FWJFW\023w7.dat
2012-11-02 12:01 - 2012-11-02 12:01 - 0001218 _____ () C:\32788R22FWJFW\023w8.dat
2012-02-10 19:12 - 2015-03-13 22:54 - 0000690 _____ () C:\32788R22FWJFW\ActiveDrv.vbs
2015-01-22 16:56 - 2015-01-22 16:56 - 0355411 _____ () C:\32788R22FWJFW\AppDataFile.cfx
2015-01-22 16:56 - 2015-01-22 16:56 - 0042412 _____ () C:\32788R22FWJFW\AppDataFolder.cfx
2000-08-31 01:00 - 2000-08-31 01:00 - 0006760 _____ () C:\32788R22FWJFW\appinit.bad
2009-07-13 16:09 - 2009-07-13 16:09 - 0000602 _____ () C:\32788R22FWJFW\asp.str
2010-04-15 15:11 - 2015-03-13 22:54 - 0004144 _____ () C:\32788R22FWJFW\Assoc.cmd
2011-07-19 21:38 - 2015-03-13 22:54 - 0005194 _____ () C:\32788R22FWJFW\Auto-RC.cmd
2012-06-07 11:56 - 2015-03-13 22:54 - 0004638 _____ () C:\32788R22FWJFW\av.cmd
2010-12-15 16:02 - 2015-03-13 22:54 - 0002933 _____ () C:\32788R22FWJFW\av.vbs
2011-06-26 16:16 - 2015-03-13 22:54 - 0000666 _____ () C:\32788R22FWJFW\AWF.cmd
2015-03-08 22:02 - 2015-03-08 22:02 - 1218420 _____ () C:\32788R22FWJFW\badclsid.c
2012-01-03 10:27 - 2012-01-03 10:27 - 0040960 _____ () C:\32788R22FWJFW\BFE.dat
2013-06-27 19:07 - 2015-03-13 22:54 - 0008564 _____ () C:\32788R22FWJFW\Boot.bat
2010-07-27 09:55 - 2015-03-13 22:54 - 0000875 _____ () C:\32788R22FWJFW\BootDrv.vbs
2012-09-11 15:47 - 2015-03-13 22:54 - 0005343 _____ () C:\32788R22FWJFW\Boot-Rk.cmd
2015-03-01 03:53 - 2015-03-13 22:54 - 0065746 _____ () C:\32788R22FWJFW\c.bat
2009-04-17 10:37 - 2015-03-13 22:54 - 0147456 _____ () C:\32788R22FWJFW\catchme.3XE
2010-10-21 09:45 - 2015-03-13 22:54 - 0001080 _____ () C:\32788R22FWJFW\Catch-sub.cmd
2012-10-13 19:00 - 2015-03-13 22:54 - 0031271 _____ () C:\32788R22FWJFW\CF-Script.cmd
2015-03-08 22:02 - 2015-03-08 22:02 - 0274852 _____ () C:\32788R22FWJFW\clsid.c
2015-03-13 23:00 - 2015-03-13 23:00 - 0302592 _____ (Microsoft Corporation) C:\32788R22FWJFW\cmd.3XE
2011-10-30 12:38 - 2015-03-13 22:54 - 0008216 _____ () C:\32788R22FWJFW\Combobatch.bat
2010-08-19 16:16 - 2010-08-19 16:16 - 0001024 _____ () C:\32788R22FWJFW\Combo-Fix.sys
2000-08-31 01:00 - 2015-03-13 22:54 - 0236032 _____ () C:\32788R22FWJFW\ComboFix-Download.3XE
2011-07-12 14:19 - 2015-03-13 22:54 - 0019312 _____ () C:\32788R22FWJFW\Create.cmd
2015-01-22 16:52 - 2015-01-22 16:52 - 0627931 _____ () C:\32788R22FWJFW\Creg.dat
2014-07-18 20:13 - 2015-03-13 22:54 - 0004628 _____ () C:\32788R22FWJFW\CregC.cmd
2010-04-17 10:21 - 2010-04-17 10:21 - 0000472 _____ () C:\32788R22FWJFW\CregC.dat
2011-06-06 10:52 - 2015-03-13 22:54 - 0101376 _____ () C:\32788R22FWJFW\dd.3XE
2009-05-25 02:59 - 2009-05-25 02:59 - 0007983 _____ () C:\32788R22FWJFW\ddsDo.sed
2013-09-10 17:17 - 2015-03-13 22:54 - 0001996 _____ () C:\32788R22FWJFW\DelClsid.bat
2013-09-10 17:17 - 2015-03-13 22:54 - 0002005 _____ () C:\32788R22FWJFW\DelClsid64.bat
2015-03-13 22:56 - 2015-03-13 22:56 - 0000115 _____ () C:\32788R22FWJFW\desktop.ini
2014-08-28 11:14 - 2014-08-28 11:14 - 0021919 _____ () C:\32788R22FWJFW\DesktopFile.cfx
2010-01-23 06:17 - 2010-01-23 06:17 - 0000046 _____ () C:\32788R22FWJFW\Dnl.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000746 _____ () C:\32788R22FWJFW\DPF.str
2010-04-18 19:44 - 2015-03-13 22:54 - 0000650 _____ () C:\32788R22FWJFW\DrvRun.vbs
2000-08-31 01:00 - 2015-03-13 22:54 - 0051200 _____ () C:\32788R22FWJFW\dumphive.3XE
2000-08-31 01:00 - 2000-08-31 01:00 - 0000303 _____ () C:\32788R22FWJFW\embedded.sed
2005-10-20 13:02 - 2015-03-13 22:54 - 0163328 _____ () C:\32788R22FWJFW\ERDNT.e_e
2000-08-31 01:00 - 2000-08-31 01:00 - 0002815 _____ () C:\32788R22FWJFW\ERDNTDOS.LOC
2000-08-31 01:00 - 2000-08-31 01:00 - 0003275 _____ () C:\32788R22FWJFW\ERDNTWIN.LOC
2005-10-20 13:00 - 2015-03-13 22:54 - 0394752 _____ () C:\32788R22FWJFW\ERUNT.3XE
2000-08-31 01:00 - 2000-08-31 01:00 - 0004090 _____ () C:\32788R22FWJFW\ERUNT.LOC
2014-07-18 20:03 - 2014-07-18 20:03 - 0018262 _____ () C:\32788R22FWJFW\Exe.reg
2000-08-31 01:00 - 2015-03-13 22:54 - 0052736 _____ () C:\32788R22FWJFW\extract.3XE
2010-09-05 09:52 - 2010-09-05 09:52 - 0000020 _____ () C:\32788R22FWJFW\FavoriteFolder.cfx
2014-01-21 18:13 - 2014-01-21 18:13 - 0013797 _____ () C:\32788R22FWJFW\FavoritesFile.cfx
2012-11-02 12:12 - 2015-03-13 22:54 - 0011766 _____ () C:\32788R22FWJFW\FD-SV.cmd
2010-08-29 21:45 - 2010-08-29 21:45 - 0038901 _____ () C:\32788R22FWJFW\ffdefstr.dll
2012-10-13 23:36 - 2012-10-13 23:36 - 0000480 _____ () C:\32788R22FWJFW\ffext.pif
2000-08-31 01:00 - 2015-03-13 22:54 - 0145920 _____ () C:\32788R22FWJFW\FileKill.3XE
2015-03-08 22:02 - 2015-03-08 22:02 - 0003490 _____ () C:\32788R22FWJFW\files.pif
2010-08-09 21:32 - 2010-08-09 21:32 - 0000677 _____ () C:\32788R22FWJFW\Fin.dat
2014-07-20 19:12 - 2015-03-13 22:54 - 0036477 _____ () C:\32788R22FWJFW\FIND3M.bat
2009-04-20 05:56 - 2015-03-13 22:54 - 0060416 _____ (NirSoft) C:\32788R22FWJFW\firefox.exe
2013-10-03 10:05 - 2015-03-13 22:54 - 0079579 _____ () C:\32788R22FWJFW\FIXLSP.bat
2013-10-03 12:05 - 2015-03-13 22:54 - 0066239 _____ () C:\32788R22FWJFW\FIXLSP64.cmd
2011-07-19 21:38 - 2015-03-13 22:54 - 0001115 _____ () C:\32788R22FWJFW\FKMGen.cmd
2013-08-19 09:32 - 2015-03-13 22:54 - 0010802 _____ () C:\32788R22FWJFW\fl0.bat
2013-06-06 12:20 - 2015-03-13 22:54 - 0006103 _____ () C:\32788R22FWJFW\GetHive.cmd
2000-08-31 01:00 - 2015-03-13 22:54 - 0080412 _____ () C:\32788R22FWJFW\grep.3XE
2000-08-31 01:00 - 2015-03-13 22:54 - 0015360 _____ () C:\32788R22FWJFW\gsar.3XE
2008-11-18 06:15 - 2015-03-13 22:54 - 0417136 _____ (Sysinternals) C:\32788R22FWJFW\handle.3XE
2005-08-15 18:54 - 2015-03-13 22:54 - 0001536 _____ () C:\32788R22FWJFW\hidec.3XE
2009-10-20 10:25 - 2015-03-13 22:54 - 0000954 _____ () C:\32788R22FWJFW\history.bat
2010-07-14 17:44 - 2010-07-14 17:44 - 0074529 _____ () C:\32788R22FWJFW\hwid.pif
2009-04-20 05:56 - 2015-03-13 22:54 - 0060416 _____ (NirSoft) C:\32788R22FWJFW\iexplore.exe
2000-08-31 01:00 - 2000-08-31 01:00 - 0001057 _____ () C:\32788R22FWJFW\image001.gif
2010-09-05 00:07 - 2010-09-05 00:07 - 0000224 _____ () C:\32788R22FWJFW\Imefile.dat
2011-07-14 10:30 - 2015-03-13 22:54 - 0008096 _____ () C:\32788R22FWJFW\Install-RC.cmd
2012-09-12 16:28 - 2012-09-12 16:28 - 0001667 _____ () C:\32788R22FWJFW\iphlpsvc.vista.dat
2012-09-12 16:30 - 2012-09-12 16:30 - 0001735 _____ () C:\32788R22FWJFW\iphlpsvc.w7.dat
2012-11-02 13:52 - 2012-11-02 13:52 - 0002363 _____ () C:\32788R22FWJFW\iphlpsvc.w8.dat
2011-03-09 02:49 - 2015-03-13 22:54 - 0001374 _____ () C:\32788R22FWJFW\katch.cmd
2011-07-14 10:29 - 2015-03-13 22:54 - 0001395 _____ () C:\32788R22FWJFW\Kill-All.cmd
2012-09-03 15:04 - 2015-03-13 22:54 - 0000322 _____ () C:\32788R22FWJFW\KNetSvcs.vbs
2012-05-20 21:05 - 2015-03-13 22:54 - 0000315 _____ () C:\32788R22FWJFW\Ksvchost.vbs
2012-06-25 01:55 - 2015-03-13 22:54 - 0254294 _____ () C:\32788R22FWJFW\Lang.bat
2015-02-09 17:42 - 2015-03-13 22:54 - 3298995 _____ () C:\32788R22FWJFW\List.bat
2015-02-09 02:09 - 2015-03-13 22:54 - 0033632 _____ () C:\32788R22FWJFW\List-B.bat
2014-11-10 16:26 - 2015-03-13 22:54 - 0292529 _____ () C:\32788R22FWJFW\List-C.bat
2015-02-13 08:25 - 2015-03-13 22:54 - 0121899 _____ () C:\32788R22FWJFW\List-D.bat
2013-06-12 23:25 - 2015-03-13 22:54 - 0002556 _____ () C:\32788R22FWJFW\lnkread.vbs
2015-01-03 21:44 - 2015-01-03 21:44 - 0034404 _____ () C:\32788R22FWJFW\LocalAppDataFile.cfx
2015-01-03 21:44 - 2015-01-03 21:44 - 0010296 _____ () C:\32788R22FWJFW\LocalAppDataFolder.cfx
2000-08-31 01:00 - 2000-08-31 01:00 - 0000225 _____ () C:\32788R22FWJFW\LocalService.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000091 _____ () C:\32788R22FWJFW\LocalServiceNetworkRestricted.dat
2015-01-03 21:44 - 2015-01-03 21:44 - 0004522 _____ () C:\32788R22FWJFW\LocalSettingsFile.cfx
2015-01-03 21:44 - 2015-01-03 21:44 - 0000096 _____ () C:\32788R22FWJFW\LocalSettingsFolder.cfx
2000-08-31 01:00 - 2000-08-31 01:00 - 0000198 _____ () C:\32788R22FWJFW\LocalSystemNetworkRestricted.dat
2009-10-24 23:11 - 2015-03-13 22:54 - 0184320 _____ () C:\32788R22FWJFW\mbr.3XE
2010-08-29 04:30 - 2010-08-29 04:30 - 0002141 _____ () C:\32788R22FWJFW\mbr.chk
2015-03-08 22:02 - 2015-03-08 22:02 - 0007344 _____ () C:\32788R22FWJFW\md5sum.pif
2015-03-08 22:02 - 2015-03-08 22:02 - 0000034 _____ () C:\32788R22FWJFW\md5sum00.pif
2012-07-25 21:26 - 2012-07-25 21:26 - 0279004 _____ () C:\32788R22FWJFW\MDWht.dat
2011-07-28 20:06 - 2015-03-13 22:54 - 0002862 _____ () C:\32788R22FWJFW\MoveIt.bat
2012-02-11 05:48 - 2012-02-11 05:48 - 0008192 _____ () C:\32788R22FWJFW\MpsSvc.dat
2000-08-31 01:00 - 2015-03-13 22:54 - 0011264 _____ () C:\32788R22FWJFW\mtee.3XE
2000-08-31 01:00 - 2000-08-31 01:00 - 0000000 _____ () C:\32788R22FWJFW\mynul.dat
2013-01-31 19:43 - 2013-01-31 19:43 - 0000033 _____ () C:\32788R22FWJFW\MZChanged.dat
2011-08-26 13:38 - 2015-03-13 22:54 - 0008543 _____ () C:\32788R22FWJFW\ncmd.com
2012-10-30 16:56 - 2015-03-13 22:54 - 0067554 _____ () C:\32788R22FWJFW\ND_.bat
2012-10-30 16:57 - 2015-03-13 22:54 - 0018996 _____ () C:\32788R22FWJFW\ND_64.bat
2009-12-24 09:12 - 2009-12-24 09:12 - 0000283 _____ () C:\32788R22FWJFW\ndis_combofix.dat
2010-04-14 11:21 - 2010-04-14 11:21 - 0000520 _____ () C:\32788R22FWJFW\netsvc.bad.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000159 _____ () C:\32788R22FWJFW\netsvc.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000481 _____ () C:\32788R22FWJFW\netsvc.vista.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000525 _____ () C:\32788R22FWJFW\netsvc.xp.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000088 _____ () C:\32788R22FWJFW\NetworkService.dat
2009-04-20 05:56 - 2015-03-13 22:54 - 0060416 _____ (NirSoft) C:\32788R22FWJFW\nir.pif
2009-04-20 05:56 - 2015-03-13 22:54 - 0060416 _____ (NirSoft) C:\32788R22FWJFW\NirCmd.3XE
2000-08-31 01:00 - 2000-08-31 01:00 - 0032317 _____ () C:\32788R22FWJFW\NirCmd.chm
2009-04-20 05:56 - 2015-03-13 22:54 - 0058880 _____ (NirSoft) C:\32788R22FWJFW\NirCmdC.3XE
2013-07-07 17:43 - 2015-03-13 22:54 - 0049591 _____ () C:\32788R22FWJFW\NT-OS.cmd
2000-08-31 01:00 - 2015-03-13 22:54 - 0000977 _____ () C:\32788R22FWJFW\OSid.vbs
2015-03-08 22:01 - 2015-03-13 22:54 - 0029229 _____ () C:\32788R22FWJFW\P.cmd
2002-09-29 06:01 - 2015-03-13 22:54 - 0180224 _____ () C:\32788R22FWJFW\pausep.3XE
2015-01-03 21:44 - 2015-01-03 21:44 - 0020651 _____ () C:\32788R22FWJFW\PersonalFile.cfx
2014-11-09 19:20 - 2014-11-09 19:20 - 0000643 _____ () C:\32788R22FWJFW\PersonalFolder.cfx
2011-06-26 07:45 - 2015-03-13 22:54 - 0256000 _____ () C:\32788R22FWJFW\pev.3XE
2011-01-28 02:28 - 2015-03-13 22:54 - 0102400 _____ () C:\32788R22FWJFW\pevb.3XE
2009-07-05 20:51 - 2009-07-05 20:51 - 0002992 _____ () C:\32788R22FWJFW\Policies.dat
2010-05-13 09:57 - 2010-05-13 09:57 - 0000064 _____ () C:\32788R22FWJFW\powp.dat
2013-08-16 17:55 - 2013-08-16 17:55 - 0002896 _____ () C:\32788R22FWJFW\Prep.inf
2014-12-30 09:42 - 2014-12-30 09:42 - 0039842 _____ () C:\32788R22FWJFW\ProfilesFile.cfx
2014-10-26 17:16 - 2014-10-26 17:16 - 0002051 _____ () C:\32788R22FWJFW\ProfilesFolder.cfx
2014-10-26 17:13 - 2014-10-26 17:13 - 0012690 _____ () C:\32788R22FWJFW\ProgramsFile.cfx
2014-12-10 15:47 - 2014-12-10 15:47 - 0018313 _____ () C:\32788R22FWJFW\ProgramsFolder.cfx
2000-08-31 01:00 - 2000-08-31 01:00 - 0000404 _____ () C:\32788R22FWJFW\Purity.dat
2006-03-02 16:42 - 2015-03-13 22:54 - 0073728 _____ () C:\32788R22FWJFW\PV.3XE
2006-03-02 16:42 - 2015-03-13 22:54 - 0073728 _____ () C:\32788R22FWJFW\pv.com
2015-03-13 22:58 - 2015-03-13 22:58 - 0000140 _____ () C:\32788R22FWJFW\rar_sfx.cmd
2000-08-31 01:00 - 2000-08-31 01:00 - 0007478 _____ () C:\32788R22FWJFW\RCLink.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0003558 _____ () C:\32788R22FWJFW\REGDACL.sed
2000-08-31 01:00 - 2000-08-31 01:00 - 0009203 _____ () C:\32788R22FWJFW\RegDo.sed
2010-09-16 21:03 - 2010-09-16 21:03 - 0001153 _____ () C:\32788R22FWJFW\region.dat
2013-08-01 18:07 - 2015-03-13 22:54 - 0057411 _____ () C:\32788R22FWJFW\RegScan.cmd
2012-11-02 13:55 - 2015-03-13 22:54 - 0022204 _____ () C:\32788R22FWJFW\RegScan64.cmd
2009-05-01 15:26 - 2015-03-13 22:54 - 0000587 _____ () C:\32788R22FWJFW\restore_pt.vbs
2009-11-14 22:35 - 2015-03-13 22:54 - 0000442 _____ () C:\32788R22FWJFW\Rkey.cmd
2010-11-07 18:20 - 2015-03-13 22:54 - 0208896 _____ () C:\32788R22FWJFW\rmbr.3XE
2012-08-30 22:19 - 2015-03-13 22:54 - 0819857 _____ () C:\32788R22FWJFW\RNullFix64.3XE
2012-10-30 18:43 - 2012-10-30 18:43 - 0000810 _____ () C:\32788R22FWJFW\rogues.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000287 _____ () C:\32788R22FWJFW\run2.sed
2009-06-10 04:38 - 2009-06-10 04:38 - 0000030 _____ () C:\32788R22FWJFW\Rust.str
1999-11-10 17:00 - 2015-03-13 22:54 - 0038400 _____ () C:\32788R22FWJFW\s0rt.3XE
2000-08-31 01:00 - 2000-08-31 01:00 - 0000329 _____ () C:\32788R22FWJFW\safeboot.dat
2009-06-09 19:25 - 2009-06-09 19:25 - 0001464 _____ () C:\32788R22FWJFW\safeboot.def.dat
2010-11-26 19:53 - 2010-11-26 19:53 - 0000482 _____ () C:\32788R22FWJFW\safeboot.def.vista.dat
2012-11-02 07:25 - 2012-11-02 07:25 - 0000610 _____ () C:\32788R22FWJFW\Safeboot.def.w7.dat
2012-11-02 07:48 - 2012-11-02 07:48 - 0000914 _____ () C:\32788R22FWJFW\Safeboot.def.w8.dat
2000-08-31 01:00 - 2015-03-13 22:54 - 0098816 _____ () C:\32788R22FWJFW\sed.3XE
2014-07-12 05:42 - 2015-03-13 22:54 - 0017606 _____ () C:\32788R22FWJFW\SetEnvmt.bat
2000-08-31 01:00 - 2015-03-13 22:54 - 0066172 _____ () C:\32788R22FWJFW\setpath.3XE
2012-05-23 17:10 - 2012-05-23 17:10 - 0376832 _____ () C:\32788R22FWJFW\ShAccess.dat
2011-06-23 19:52 - 2015-03-13 22:54 - 0004634 _____ () C:\32788R22FWJFW\SnapShot.cmd
2009-05-25 01:52 - 2015-03-13 22:54 - 0520621 _____ () C:\32788R22FWJFW\sqlite3.3XE
2012-05-20 07:53 - 2015-03-13 22:54 - 0002147 _____ () C:\32788R22FWJFW\SRestore.cmd
2015-01-22 16:55 - 2015-01-22 16:55 - 0398938 _____ () C:\32788R22FWJFW\srizbi.md5
2014-10-26 17:14 - 2014-10-26 17:14 - 0009377 _____ () C:\32788R22FWJFW\StartMenuFile.cfx
2014-10-26 17:14 - 2014-10-26 17:14 - 0000651 _____ () C:\32788R22FWJFW\StartMenuFolder.cfx
2015-01-22 16:56 - 2015-01-22 16:56 - 0053857 _____ () C:\32788R22FWJFW\StartUpFile.cfx
2012-11-12 09:48 - 2015-03-13 22:54 - 0021075 _____ () C:\32788R22FWJFW\SuppScan.cmd
2009-11-28 23:42 - 2009-11-28 23:42 - 0011987 _____ () C:\32788R22FWJFW\svc_wht.dat
2000-08-31 01:00 - 2015-03-13 22:54 - 0002176 _____ () C:\32788R22FWJFW\SvcDrv.vbs
2012-06-20 14:03 - 2012-06-20 14:03 - 0000582 _____ () C:\32788R22FWJFW\svchost.dat
2000-08-31 01:00 - 2000-08-31 01:00 - 0000668 _____ () C:\32788R22FWJFW\svchost.vista.dat
2010-11-27 06:12 - 2010-11-27 06:12 - 0000749 _____ () C:\32788R22FWJFW\svchost.vista.x64.dat
2013-06-03 18:06 - 2013-06-03 18:06 - 0001117 _____ () C:\32788R22FWJFW\svchost.w7.dat
2013-06-03 18:06 - 2013-06-03 18:06 - 0001467 _____ () C:\32788R22FWJFW\svchost.w7.x64.dat
2013-07-07 17:57 - 2013-07-07 17:57 - 0001348 _____ () C:\32788R22FWJFW\svchost.w8.dat
2012-11-02 08:03 - 2012-11-02 08:03 - 0001268 _____ () C:\32788R22FWJFW\svchost.w8.x64.dat
2000-08-31 01:00 - 2015-03-13 22:54 - 0518144 _____ (SteelWerX) C:\32788R22FWJFW\swreg.3XE
2000-08-31 01:00 - 2015-03-13 22:54 - 0406528 _____ (SteelWerX) C:\32788R22FWJFW\swsc.3XE
2000-08-31 01:00 - 2015-03-13 22:54 - 0212480 _____ (SteelWerX) C:\32788R22FWJFW\swxcacls.3XE
2000-08-31 01:00 - 2000-08-31 01:00 - 0000276 _____ () C:\32788R22FWJFW\system_ini.dat
1999-11-10 01:00 - 2015-03-13 22:54 - 0035328 _____ () C:\32788R22FWJFW\tail.3XE
2014-11-09 19:22 - 2014-11-09 19:22 - 0009587 _____ () C:\32788R22FWJFW\TemplatesFile.cfx
2014-10-26 17:18 - 2014-10-26 17:18 - 0000183 _____ () C:\32788R22FWJFW\TemplatesFolder.cfx
2009-10-30 06:26 - 2009-10-30 06:26 - 0000633 _____ () C:\32788R22FWJFW\toolbar.sed
2013-07-07 11:36 - 2013-07-07 11:36 - 0003184 _____ () C:\32788R22FWJFW\UndoW7_XP.dat
2012-01-10 02:47 - 2015-03-13 22:54 - 0003987 _____ () C:\32788R22FWJFW\Update-CF.cmd
2012-02-18 20:06 - 2012-02-18 20:06 - 0009098 _____ () C:\32788R22FWJFW\VBR.pif
2011-06-22 09:40 - 2011-06-22 09:40 - 0003819 _____ () C:\32788R22FWJFW\VInfo
2014-07-16 11:40 - 2014-07-16 11:40 - 0023250 _____ () C:\32788R22FWJFW\VInfo2
2011-06-22 09:40 - 2011-06-22 09:40 - 0000557 _____ () C:\32788R22FWJFW\VINFO3
2010-05-10 16:30 - 2010-05-10 16:30 - 0000308 _____ () C:\32788R22FWJFW\Vipev.dat
2015-03-13 22:56 - 2015-03-13 22:53 - 0000006 _____ () C:\32788R22FWJFW\Vista.krl
2010-07-26 20:17 - 2010-07-26 20:17 - 0000440 _____ () C:\32788R22FWJFW\vistaMcode.dat
2014-07-18 19:54 - 2014-07-18 19:54 - 0028164 _____ () C:\32788R22FWJFW\vistareg.dat
2010-06-20 21:05 - 2010-06-20 21:05 - 0007584 _____ () C:\32788R22FWJFW\vun.dat
2010-07-31 10:05 - 2010-07-31 10:05 - 0000244 _____ () C:\32788R22FWJFW\VwinTemp.dacl
2015-03-13 22:56 - 2015-03-13 22:56 - 0000006 _____ () C:\32788R22FWJFW\W6432.dat
2015-03-13 22:56 - 2015-03-13 22:53 - 0000006 _____ () C:\32788R22FWJFW\W7.mac
2010-07-23 21:20 - 2010-07-23 21:20 - 0000440 _____ () C:\32788R22FWJFW\w7Mcode.dat
2014-07-18 19:53 - 2014-07-18 19:53 - 0028646 _____ () C:\32788R22FWJFW\w7reg.dat
2014-07-15 07:31 - 2014-07-15 07:31 - 0032098 _____ () C:\32788R22FWJFW\w8reg.dat
2010-12-11 20:38 - 2015-03-13 22:54 - 0001127 _____ () C:\32788R22FWJFW\Wmi_rem.vbs
2010-07-22 15:14 - 2010-07-22 15:14 - 0000440 _____ () C:\32788R22FWJFW\xpmcode.dat
2013-09-04 19:33 - 2013-09-04 19:33 - 0068035 _____ () C:\32788R22FWJFW\xpreg.dat
2010-02-02 11:41 - 2010-02-02 11:41 - 0013090 _____ () C:\32788R22FWJFW\XPSBoot.reg
2000-08-31 01:00 - 2000-08-31 01:00 - 0023773 _____ () C:\32788R22FWJFW\zDomain.dat
2015-01-22 16:51 - 2015-01-22 16:51 - 0133681 _____ () C:\32788R22FWJFW\zhsvc.dat
2000-08-31 01:00 - 2015-03-13 22:54 - 0068096 _____ () C:\32788R22FWJFW\zip.3XE
2015-03-13 22:54 - 2015-03-13 22:54 - 0000000 ____D () C:\32788R22FWJFW\EN-US
2005-08-15 18:54 - 2015-03-13 22:54 - 0001536 _____ () C:\32788R22FWJFW\EN-US\iexplore.exe
2015-03-13 22:54 - 2015-03-13 22:54 - 0000000 ____D () C:\32788R22FWJFW\License
2009-04-01 01:19 - 2009-04-01 01:19 - 0001070 _____ () C:\32788R22FWJFW\License\Curl - license.txt
2009-04-01 04:38 - 2009-04-01 04:38 - 0000383 _____ () C:\32788R22FWJFW\License\dumphive-license.txt
1996-08-18 19:10 - 1996-08-18 19:10 - 0007385 _____ () C:\32788R22FWJFW\License\EXTRACT.TXT
2007-11-14 20:36 - 2007-11-14 20:36 - 0000212 _____ () C:\32788R22FWJFW\License\FI - license.txt
2011-06-26 07:45 - 2015-03-13 22:54 - 0256000 _____ () C:\32788R22FWJFW\License\firefox.exe
2011-06-26 07:45 - 2015-03-13 22:54 - 0256000 _____ () C:\32788R22FWJFW\License\iexplore.exe
2006-10-31 04:06 - 2006-10-31 04:06 - 0000850 _____ () C:\32788R22FWJFW\License\mtee.txt
2011-08-26 13:38 - 2011-08-26 13:38 - 0008543 _____ () C:\32788R22FWJFW\License\ncmd.cfxxe
2006-04-13 07:06 - 2006-04-13 07:06 - 0039183 _____ () C:\32788R22FWJFW\License\pv_5_2_2.zip
2009-04-01 03:34 - 2009-04-01 03:34 - 0075425 _____ () C:\32788R22FWJFW\License\streamtools.zip
2010-12-19 10:48 - 2015-03-13 22:54 - 0000144 _____ () C:\32788R22FWJFW\License\UnxUtilsDist.com
2009-04-01 19:38 - 2009-04-01 19:38 - 0026383 _____ () C:\32788R22FWJFW\License\UnxUtilsDist.html
2010-12-21 16:32 - 2010-12-21 16:32 - 0000388 _____ () C:\32788R22FWJFW\License\UnxUtilsDist.pif
2009-04-01 01:40 - 2009-04-01 01:40 - 0003412 _____ () C:\32788R22FWJFW\License\Zip - license.txt
2015-03-13 22:54 - 2015-03-13 22:54 - 0000000 ____D () C:\32788R22FWJFW\N_

====== End of Folder: ======

EmptyTemp: => Removed 1.7 GB temporary data.


The system needed a reboot.

==== End of Fixlog 22:24:59 ====

Otevrete spravce uloh (Ctrl + Shift + Esc), karta Vykon a vlevo dole jsou Strankovano a Nestrankovano (v MB). Napiste velikost techto pameti.

Pak prejdete na kartu Procesy, kliknutim na Pamet (soukroma pracovni sada) je seradte od nejvyssiho po nejmensi a napiste 3 procesy, ktere pamet vytezuji nejvice a do jake miry.

stránkováno: 221
nestránkováno: 370

V tomto okamžiku Firefox.exe: 392 000
Explorer.exe 29 000
DRM.Winclient.exe (nebo dwm.exe) střídají se kolem 23 000

Normalne s pocitacem pracujte a kontrolujte stav nestrankovane pameti. I 370 MB je vice nez by melo byt. Za par dni nebo hodin dejte vedet, zda se velikost teto pameti zvysila/snizila a na kolik. Obcas to par restartu vydrzi v norme (do 200 MB), ale pak ji zase neco spatne uvolni, takze sledujte.

Dobrý den

Sledoval jsem to jen párkrát, tohle je domácí komp, kde nemám tolik času ale je to +- bez změny
Teď akutálně spuštěn jen Firefox a je to
Stránkováno 264
Nestránkováno 372

shodil jsem i ten firefox - nevímjeslti to na to může mít vliv ale jako pokus - a je to stejné

Start -> spustit -> eventvwr, vlevo rozkliknete Protokoly systemu Windows, pravej klik na System, vyberte Ulozit vsechny udalosti jako, typ souboru *.evtx, vysledny soubor zabalte a upnete na leteckou postu - link (odkaz na stazeni) dejte do pristi odpovedi.

Hotovo
http://leteckaposta.cz/478541427