
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
please check my log - overloaded CPU, occasional sudden restart
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
please check my log - overloaded CPU, occasional sudden restart
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr Herman at 2014-10-22 11:05:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 205 GB (83%) free of 247 GB
Total RAM: 3032 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:49, on 22.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files\trend micro\Petr Herman.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8912 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3871872
\??\C:\Windows\system32\conhost.exe "-997198508878667393875177009-461902897871816583-7605259711552453559-967606522
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
\??\C:\Windows\system32\conhost.exe "623876001480859446-1844878113633685150575872998-576303306-32192234363528675
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
"taskhost.exe"
taskeng.exe {59F32CC6-E47A-45CE-810F-72FF3142D1EB}
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
taskeng.exe {FD9635C7-BA83-46E6-B58B-04DC5C50ACC7}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
"taskhost.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -PID:"5456" -RunMxAddonsMgr -UserName:"guest" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:87E4E14A
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_00001550" -UsersFolder:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:A9C14CE7
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-sp-00001550-0" -MainFrmIpc:"IPC_M_C_00001550" -ResMgrIpc:"IPC_R_C_00001550" -UserName:"guest" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_00001550" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:6DC8A9CE
taskeng.exe {1CD832FF-10F9-487A-8E1F-0597839722AD}
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0x160c_0x12d8_0xbd3f4879"
WicaInventory.exe /apps /fast /ext "exe,sys" /output "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Programs_PHERMI.xml" /log "C:\Windows\TEMP\CompatTelemetryLogs" "C:\Windows\system32\CompatTel"
\??\C:\Windows\system32\conhost.exe "1285511254-177285757-1914154500-423121839146849814166604700814493005271570593743
C:\Windows\system32\msiexec.exe /V
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-sp-00001550-1" -MainFrmIpc:"IPC_M_C_00001550_0004" -ResMgrIpc:"IPC_R_C_00001550_0004" -UserName:"guest" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_00001550_0004" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:6DC8A9CE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_00001550" -IPC_C_D_NAME:"IPC_C_D_000019F0" -IPC_R_D_NAME:"IPC_R_D_00001550" -UpConf:"2" -UpTypes:"WyJibXAiLCAianBlZyIsICJqcGciLCAiZ2lmIiwgInBuZyIsICJ3YXYiLCAicm1hIiwgIm1pZGkiLCAibXAzIiwgIndtYSIsICJhYWMiLCAibXBhIiwgImRvYyIsICJkb2N4IiwgInhscyIsICJ4bHN4IiwgInBwdCIsICJwcHR4IiwgInBwcyIsICJwcHN4IiwgInR4dCIsICJwZGYiLCAid3BzIiwgImVwdWIiLCAib2RmIiwgImFwayJd" -SyEvent:"mxevent_IPC_R_D_00001550" -MxdlConfigFolder:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\Public\Downloader\" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:27C674F9
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Petr Herman\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\OAWVDBL.job - C:\Users\Petr Herman\AppData\Roaming\OAWVDBL.exe /infocmdline=
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-02-04 111640]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-09-29 607584]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2013-05-08 2584864]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-13 417560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~2\DIGITA~1\DLG.exe [2006-11-03 50688]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-09 01:12:34 ----DC---- C:\Program Files\ESET
2015-09-09 01:12:34 ----D---- C:\ProgramData\ESET
2014-10-22 11:05:42 ----DC---- C:\rsit
2014-10-22 11:05:42 ----DC---- C:\Program Files\trend micro
2014-10-22 10:59:41 ----SHDC---- C:\Config.Msi
2014-10-17 03:06:37 ----DC---- C:\1a07ed6190d59251c2a182
2014-10-16 14:55:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 14:55:34 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 14:55:33 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 14:55:30 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 14:55:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:55:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-16 14:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:55:19 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 14:54:51 ----A---- C:\Windows\system32\msi.dll
2014-10-16 14:54:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 14:54:39 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 14:54:29 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 14:54:29 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 14:54:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 14:54:09 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\system32\packager.dll
2014-10-14 13:40:00 ----D---- C:\Program Files (x86)\BlueVoda Website Builder
2014-10-14 13:39:40 ----A---- C:\Windows\BlueVoda Website Builder Setup Log.txt
2014-10-01 15:30:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 15:30:31 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 18:53:41 ----D---- C:\Users\Petr Herman\AppData\Roaming\Cycling '74
2014-09-27 18:53:39 ----D---- C:\Users\Petr Herman\AppData\Roaming\PACE Anti-Piracy
2014-09-27 18:53:39 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-09-27 18:34:53 ----DC---- C:\Program Files\Cycling '74
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files\Propellerhead Software
2014-09-27 18:06:06 ----D---- C:\Users\Petr Herman\AppData\Roaming\Ableton
2014-09-24 19:28:29 ----RSHDC---- C:\boot
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\vxblock.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxwave.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxsfs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxmas.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsa64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxhpinst.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxdrv.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpyi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpya64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxafs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\px.dll
2014-09-24 19:24:32 ----A---- C:\Windows\system32\drivers\psadd.sys
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcp70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2014-09-24 18:06:23 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2014-09-24 14:16:00 ----A---- C:\Windows\system32\rixdicon.dll
2014-09-24 14:16:00 ----A---- C:\Windows\system32\drivers\rixdpx64.sys
2014-09-24 13:13:33 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2014-09-24 13:13:26 ----D---- C:\Program Files (x86)\SlimDrivers
2014-09-24 12:28:13 ----D---- C:\Users\Petr Herman\AppData\Roaming\DRPSu
2014-09-24 10:57:09 ----A---- C:\Windows\delpw64.cmd
2014-09-24 04:01:35 ----DC---- C:\AdwCleaner
2014-09-24 02:11:36 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-09-24 02:11:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-09-24 02:11:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-09-24 02:11:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-09-24 02:11:26 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-24 00:20:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 00:20:51 ----A---- C:\Windows\system32\tzres.dll
2014-09-23 23:53:49 ----A---- C:\Windows\system32\drivers\amdkmafd.sys
2014-09-23 22:58:22 ----A---- C:\Windows\system32\igfxCoIn_v2993.dll
2014-09-23 22:58:20 ----A---- C:\Windows\system32\igfxsrvc.dll
2014-09-23 22:58:17 ----A---- C:\Windows\system32\igfxress.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmrt64.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmjit64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\hccutils.dll
2014-09-23 22:33:15 ----D---- C:\Users\Petr Herman\AppData\Roaming\RHEng
2014-09-23 21:48:35 ----D---- C:\Users\Petr Herman\AppData\Roaming\Easeware
2014-09-23 20:03:09 ----DC---- C:\Windows\system32\DRVSTORE
======List of files/folders modified in the last 1 month======
2014-10-22 11:05:47 ----D---- C:\Windows\Prefetch
2014-10-22 11:05:46 ----D---- C:\Windows\Temp
2014-10-22 11:05:42 ----RDC---- C:\Program Files
2014-10-22 10:59:57 ----RD---- C:\Program Files (x86)
2014-10-22 10:59:42 ----SHD---- C:\Windows\Installer
2014-10-22 10:59:41 ----D---- C:\Windows\Tasks
2014-10-22 10:59:41 ----D---- C:\Windows\system32\Tasks
2014-10-22 10:34:54 ----D---- C:\Windows\system32\config
2014-10-22 10:11:21 ----D---- C:\Windows\system32\drivers
2014-10-22 10:07:27 ----D---- C:\Windows\System32
2014-10-22 10:07:27 ----D---- C:\Windows\inf
2014-10-22 10:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-22 10:02:28 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-22 00:18:48 ----SHD---- C:\System Volume Information
2014-10-17 14:00:06 ----D---- C:\Windows\rescache
2014-10-17 13:21:44 ----D---- C:\Windows\Microsoft.NET
2014-10-17 13:18:18 ----RSD---- C:\Windows\assembly
2014-10-17 12:23:35 ----D---- C:\Windows\winsxs
2014-10-17 12:21:11 ----D---- C:\Windows\SysWOW64
2014-10-17 12:21:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 12:21:10 ----DC---- C:\Program Files\Internet Explorer
2014-10-17 12:21:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-17 12:21:09 ----D---- C:\Windows\system32\en-US
2014-10-17 12:21:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-17 03:03:04 ----D---- C:\Windows\system32\MRT
2014-10-17 03:00:51 ----D---- C:\Windows\debug
2014-10-17 03:00:47 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 14:54:01 ----D---- C:\Windows\system32\catroot
2014-10-16 14:53:49 ----D---- C:\Windows\system32\catroot2
2014-10-14 13:39:40 ----D---- C:\Windows
2014-10-10 05:44:35 ----DC---- C:\Program Files\Lenovo
2014-10-07 20:16:57 ----D---- C:\ProgramData\CanonIJPLM
2014-10-02 15:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-30 19:02:18 ----D---- C:\Users\Petr Herman\AppData\Roaming\vlc
2014-09-29 21:15:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-09-29 21:14:14 ----SD---- C:\ProgramData\Microsoft
2014-09-27 18:53:39 ----HD---- C:\ProgramData
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files
2014-09-26 04:45:20 ----D---- C:\Users\Petr Herman\AppData\Roaming\Skype
2014-09-24 22:35:17 ----D---- C:\Program Files (x86)\Lenovo
2014-09-24 22:35:16 ----D---- C:\Windows\Help
2014-09-24 20:06:13 ----D---- C:\Program Files (x86)\Google
2014-09-24 19:35:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-24 19:35:26 ----D---- C:\Windows\system32\DriverStore
2014-09-24 19:24:23 ----D---- C:\Windows\Downloaded Installations
2014-09-24 18:12:35 ----DC---- C:\SWTOOLS
2014-09-24 18:03:41 ----DC---- C:\DRIVERS
2014-09-24 12:27:58 ----D---- C:\Windows\Logs
2014-09-24 11:25:20 ----RD---- C:\Program Files (x86)\Skype
2014-09-24 11:24:44 ----D---- C:\Program Files (x86)\Common Files
2014-09-24 11:24:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-24 11:00:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 11:00:24 ----D---- C:\Windows\system32\wbem
2014-09-24 11:00:24 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 11:00:24 ----D---- C:\Windows\PolicyDefinitions
2014-09-24 11:00:24 ----D---- C:\Program Files\Windows Media Player
2014-09-24 11:00:21 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-09-24 10:56:54 ----A---- C:\Windows\systemtype.txt
2014-09-24 04:10:06 ----D---- C:\Windows\SoftwareDistribution
2014-09-24 02:53:21 ----D---- C:\Windows\pss
2014-09-24 01:40:20 ----DC---- C:\Program Files\DIFX
2014-09-24 01:40:20 ----DC---- C:\Program Files\Common Files\System
2014-09-24 01:40:18 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-09-24 01:40:18 ----D---- C:\ProgramData\lenovo
2014-09-24 01:40:15 ----D---- C:\Windows\servicing
2014-09-24 01:40:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-09-24 01:40:12 ----HD---- C:\Windows\system32\WLANProfiles
2014-09-24 01:40:11 ----D---- C:\Windows\registration
2014-09-24 00:51:44 ----D---- C:\Users\Petr Herman\AppData\Roaming\LSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2012-11-17 105624]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2010-05-10 23736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-09-03 67072]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-09-03 54784]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-09-03 57856]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-05 649216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2010-12-17 1493632]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-23 8616960]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-09-24 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2010-12-17 748160]
S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2013-03-14 21600]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-05-03 21712]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-10-22 16152]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2010-02-04 174616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-09-29 616288]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-17 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Petr Herman at 2014-10-22 11:05:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 205 GB (83%) free of 247 GB
Total RAM: 3032 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:49, on 22.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files\trend micro\Petr Herman.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8912 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3871872
\??\C:\Windows\system32\conhost.exe "-997198508878667393875177009-461902897871816583-7605259711552453559-967606522
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
\??\C:\Windows\system32\conhost.exe "623876001480859446-1844878113633685150575872998-576303306-32192234363528675
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
"taskhost.exe"
taskeng.exe {59F32CC6-E47A-45CE-810F-72FF3142D1EB}
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
taskeng.exe {FD9635C7-BA83-46E6-B58B-04DC5C50ACC7}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
"taskhost.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -PID:"5456" -RunMxAddonsMgr -UserName:"guest" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:87E4E14A
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_00001550" -UsersFolder:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:A9C14CE7
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-sp-00001550-0" -MainFrmIpc:"IPC_M_C_00001550" -ResMgrIpc:"IPC_R_C_00001550" -UserName:"guest" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_00001550" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:6DC8A9CE
taskeng.exe {1CD832FF-10F9-487A-8E1F-0597839722AD}
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0x160c_0x12d8_0xbd3f4879"
WicaInventory.exe /apps /fast /ext "exe,sys" /output "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Programs_PHERMI.xml" /log "C:\Windows\TEMP\CompatTelemetryLogs" "C:\Windows\system32\CompatTel"
\??\C:\Windows\system32\conhost.exe "1285511254-177285757-1914154500-423121839146849814166604700814493005271570593743
C:\Windows\system32\msiexec.exe /V
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-sp-00001550-1" -MainFrmIpc:"IPC_M_C_00001550_0004" -ResMgrIpc:"IPC_R_C_00001550_0004" -UserName:"guest" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_00001550_0004" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:6DC8A9CE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_00001550" -IPC_C_D_NAME:"IPC_C_D_000019F0" -IPC_R_D_NAME:"IPC_R_D_00001550" -UpConf:"2" -UpTypes:"WyJibXAiLCAianBlZyIsICJqcGciLCAiZ2lmIiwgInBuZyIsICJ3YXYiLCAicm1hIiwgIm1pZGkiLCAibXAzIiwgIndtYSIsICJhYWMiLCAibXBhIiwgImRvYyIsICJkb2N4IiwgInhscyIsICJ4bHN4IiwgInBwdCIsICJwcHR4IiwgInBwcyIsICJwcHN4IiwgInR4dCIsICJwZGYiLCAid3BzIiwgImVwdWIiLCAib2RmIiwgImFwayJd" -SyEvent:"mxevent_IPC_R_D_00001550" -MxdlConfigFolder:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\Public\Downloader\" -AppDataPath:"C:\Users\Petr Herman\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" /prefetch:27C674F9
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Petr Herman\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\OAWVDBL.job - C:\Users\Petr Herman\AppData\Roaming\OAWVDBL.exe /infocmdline=CPWvX46f5hIGOY6OxCj5cH+or+yC+Dlnr+s8XR4D93qEG80kVFkKY45S7vUnzVnFjFx50/70KBmbGUHYZTwISKZ8UTej0TOuEy7DuwzOa9Lp3Q8qSzW2QlQh6zCUfds3boIz1gLvgqcHzpLr0YExKlD2LrOkGps7F9iHZDPIT5aNS81g7y/yUv4UykfpwFc456uvijsPXj/8iYMJK63SNAh5mxjMShXv0vI/zcF2HfqdpAJYaLsG27pFGVY19SqpyRinmSCtm6ku+aL9mS8jdhrUywRrI+ys1w4AzI2fyc8+LKLkWFvN7/mePcTrvOrzbpadsfVVP39fEA/HzoS0zQsk9P4+MvxoObwNeMSjY10sAa5dKw+zlTeeTcSYMeXQqfId/raYlMmeXdS+cklU8AvDSVg2ekUvT68J7CoxsYhRUtfn2CnoTiOdOwNmfHeB2ktzwrA2hgiWwXu+BEnmZ4FGDrGYtolpnqtg5J9KjdE+ITT9NegXLCn035NRIeLRqA5POcZgiGcz88A0D/owDv2EW28VYmjIYUpcNAfwwBd8A7nOqSIXtDw3Vqe0JeZHQr6Yp/Ves+OqMM8587Ryv2iCkwpevi6rrr9x9A4crcJfU6S+2xTNAyYBSdpWy9qW1vh9vSUNyhCrdLSjq0PfHww9PoW/hIZdMw4hjfXxM70=
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-02-04 111640]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-09-29 607584]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2013-05-08 2584864]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-13 417560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~2\DIGITA~1\DLG.exe [2006-11-03 50688]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-09 01:12:34 ----DC---- C:\Program Files\ESET
2015-09-09 01:12:34 ----D---- C:\ProgramData\ESET
2014-10-22 11:05:42 ----DC---- C:\rsit
2014-10-22 11:05:42 ----DC---- C:\Program Files\trend micro
2014-10-22 10:59:41 ----SHDC---- C:\Config.Msi
2014-10-17 03:06:37 ----DC---- C:\1a07ed6190d59251c2a182
2014-10-16 14:55:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 14:55:34 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 14:55:33 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 14:55:30 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 14:55:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:55:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-16 14:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:55:19 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 14:54:51 ----A---- C:\Windows\system32\msi.dll
2014-10-16 14:54:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 14:54:39 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 14:54:29 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 14:54:29 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 14:54:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 14:54:09 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\system32\packager.dll
2014-10-14 13:40:00 ----D---- C:\Program Files (x86)\BlueVoda Website Builder
2014-10-14 13:39:40 ----A---- C:\Windows\BlueVoda Website Builder Setup Log.txt
2014-10-01 15:30:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 15:30:31 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 18:53:41 ----D---- C:\Users\Petr Herman\AppData\Roaming\Cycling '74
2014-09-27 18:53:39 ----D---- C:\Users\Petr Herman\AppData\Roaming\PACE Anti-Piracy
2014-09-27 18:53:39 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-09-27 18:34:53 ----DC---- C:\Program Files\Cycling '74
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files\Propellerhead Software
2014-09-27 18:06:06 ----D---- C:\Users\Petr Herman\AppData\Roaming\Ableton
2014-09-24 19:28:29 ----RSHDC---- C:\boot
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\vxblock.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxwave.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxsfs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxmas.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsa64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxhpinst.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxdrv.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpyi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpya64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxafs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\px.dll
2014-09-24 19:24:32 ----A---- C:\Windows\system32\drivers\psadd.sys
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcp70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2014-09-24 18:06:23 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2014-09-24 14:16:00 ----A---- C:\Windows\system32\rixdicon.dll
2014-09-24 14:16:00 ----A---- C:\Windows\system32\drivers\rixdpx64.sys
2014-09-24 13:13:33 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2014-09-24 13:13:26 ----D---- C:\Program Files (x86)\SlimDrivers
2014-09-24 12:28:13 ----D---- C:\Users\Petr Herman\AppData\Roaming\DRPSu
2014-09-24 10:57:09 ----A---- C:\Windows\delpw64.cmd
2014-09-24 04:01:35 ----DC---- C:\AdwCleaner
2014-09-24 02:11:36 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-09-24 02:11:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-09-24 02:11:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-09-24 02:11:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-09-24 02:11:26 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-24 00:20:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 00:20:51 ----A---- C:\Windows\system32\tzres.dll
2014-09-23 23:53:49 ----A---- C:\Windows\system32\drivers\amdkmafd.sys
2014-09-23 22:58:22 ----A---- C:\Windows\system32\igfxCoIn_v2993.dll
2014-09-23 22:58:20 ----A---- C:\Windows\system32\igfxsrvc.dll
2014-09-23 22:58:17 ----A---- C:\Windows\system32\igfxress.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmrt64.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmjit64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\hccutils.dll
2014-09-23 22:33:15 ----D---- C:\Users\Petr Herman\AppData\Roaming\RHEng
2014-09-23 21:48:35 ----D---- C:\Users\Petr Herman\AppData\Roaming\Easeware
2014-09-23 20:03:09 ----DC---- C:\Windows\system32\DRVSTORE
======List of files/folders modified in the last 1 month======
2014-10-22 11:05:47 ----D---- C:\Windows\Prefetch
2014-10-22 11:05:46 ----D---- C:\Windows\Temp
2014-10-22 11:05:42 ----RDC---- C:\Program Files
2014-10-22 10:59:57 ----RD---- C:\Program Files (x86)
2014-10-22 10:59:42 ----SHD---- C:\Windows\Installer
2014-10-22 10:59:41 ----D---- C:\Windows\Tasks
2014-10-22 10:59:41 ----D---- C:\Windows\system32\Tasks
2014-10-22 10:34:54 ----D---- C:\Windows\system32\config
2014-10-22 10:11:21 ----D---- C:\Windows\system32\drivers
2014-10-22 10:07:27 ----D---- C:\Windows\System32
2014-10-22 10:07:27 ----D---- C:\Windows\inf
2014-10-22 10:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-22 10:02:28 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-22 00:18:48 ----SHD---- C:\System Volume Information
2014-10-17 14:00:06 ----D---- C:\Windows\rescache
2014-10-17 13:21:44 ----D---- C:\Windows\Microsoft.NET
2014-10-17 13:18:18 ----RSD---- C:\Windows\assembly
2014-10-17 12:23:35 ----D---- C:\Windows\winsxs
2014-10-17 12:21:11 ----D---- C:\Windows\SysWOW64
2014-10-17 12:21:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 12:21:10 ----DC---- C:\Program Files\Internet Explorer
2014-10-17 12:21:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-17 12:21:09 ----D---- C:\Windows\system32\en-US
2014-10-17 12:21:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-17 03:03:04 ----D---- C:\Windows\system32\MRT
2014-10-17 03:00:51 ----D---- C:\Windows\debug
2014-10-17 03:00:47 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 14:54:01 ----D---- C:\Windows\system32\catroot
2014-10-16 14:53:49 ----D---- C:\Windows\system32\catroot2
2014-10-14 13:39:40 ----D---- C:\Windows
2014-10-10 05:44:35 ----DC---- C:\Program Files\Lenovo
2014-10-07 20:16:57 ----D---- C:\ProgramData\CanonIJPLM
2014-10-02 15:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-30 19:02:18 ----D---- C:\Users\Petr Herman\AppData\Roaming\vlc
2014-09-29 21:15:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-09-29 21:14:14 ----SD---- C:\ProgramData\Microsoft
2014-09-27 18:53:39 ----HD---- C:\ProgramData
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files
2014-09-26 04:45:20 ----D---- C:\Users\Petr Herman\AppData\Roaming\Skype
2014-09-24 22:35:17 ----D---- C:\Program Files (x86)\Lenovo
2014-09-24 22:35:16 ----D---- C:\Windows\Help
2014-09-24 20:06:13 ----D---- C:\Program Files (x86)\Google
2014-09-24 19:35:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-24 19:35:26 ----D---- C:\Windows\system32\DriverStore
2014-09-24 19:24:23 ----D---- C:\Windows\Downloaded Installations
2014-09-24 18:12:35 ----DC---- C:\SWTOOLS
2014-09-24 18:03:41 ----DC---- C:\DRIVERS
2014-09-24 12:27:58 ----D---- C:\Windows\Logs
2014-09-24 11:25:20 ----RD---- C:\Program Files (x86)\Skype
2014-09-24 11:24:44 ----D---- C:\Program Files (x86)\Common Files
2014-09-24 11:24:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-24 11:00:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 11:00:24 ----D---- C:\Windows\system32\wbem
2014-09-24 11:00:24 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 11:00:24 ----D---- C:\Windows\PolicyDefinitions
2014-09-24 11:00:24 ----D---- C:\Program Files\Windows Media Player
2014-09-24 11:00:21 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-09-24 10:56:54 ----A---- C:\Windows\systemtype.txt
2014-09-24 04:10:06 ----D---- C:\Windows\SoftwareDistribution
2014-09-24 02:53:21 ----D---- C:\Windows\pss
2014-09-24 01:40:20 ----DC---- C:\Program Files\DIFX
2014-09-24 01:40:20 ----DC---- C:\Program Files\Common Files\System
2014-09-24 01:40:18 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-09-24 01:40:18 ----D---- C:\ProgramData\lenovo
2014-09-24 01:40:15 ----D---- C:\Windows\servicing
2014-09-24 01:40:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-09-24 01:40:12 ----HD---- C:\Windows\system32\WLANProfiles
2014-09-24 01:40:11 ----D---- C:\Windows\registration
2014-09-24 00:51:44 ----D---- C:\Users\Petr Herman\AppData\Roaming\LSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2012-11-17 105624]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2010-05-10 23736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-09-03 67072]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-09-03 54784]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-09-03 57856]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-05 649216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2010-12-17 1493632]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-23 8616960]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-09-24 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2010-12-17 748160]
S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2013-03-14 21600]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-05-03 21712]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-10-22 16152]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2010-02-04 174616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-09-29 616288]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-17 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log - overloaded CPU, occasional sudden rest
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: please check my log - overloaded CPU, occasional sudden rest
# AdwCleaner v4.001 - Report created 22/10/2014 at 19:07:04
# Updated 20/10/2014 by Xplode
# Database : 2014-10-21.1
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Petr Herman - PHERMI
# Running from : C:\Users\Petr Herman\Desktop\adwcleaner_4.001.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Users\Petr Herman\AppData\Roaming\PC Drivers HeadQuarters
Folder Found : C:\Users\Petr Herman\AppData\Roaming\RHEng
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
*************************
AdwCleaner[R5].txt - [1195 octets] - [22/10/2014 19:02:19]
AdwCleaner[R6].txt - [774 octets] - [22/10/2014 19:07:04]
AdwCleaner[S2].txt - [1261 octets] - [22/10/2014 19:05:01]
########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [893 octets] ##########
- Rudy
- Site Admin
Re: please check my log - overloaded CPU, occasional sudden rest
Post a new RSIT log.
Re: please check my log - overloaded CPU, occasional sudden rest
During the day I tried to clean things up; whether it worked, I don't know yet. Here is the current log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr Herman at 2014-10-22 23:01:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 206 GB (83%) free of 247 GB
Total RAM: 3032 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:01:37, on 22.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Petr Herman.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8069 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 30010192
\??\C:\Windows\system32\conhost.exe "-21421504901426237739-660326265-103435831710971699-1043640841-1544002889-703391905
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
\??\C:\Windows\system32\conhost.exe "170431632636690285818956538003552042931393673668-571957521-621581705322338063
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
taskeng.exe {20EEB3FD-2FD9-446E-89BA-EE6CA0E60FDF}
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {8119991B-8535-49B2-AC63-607C44227229}
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0xe74_0x3a4_0x62cf3bc1"
"C:\Users\Petr Herman\Desktop\udrzbapc\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-02-04 111640]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-09-29 607584]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2013-05-08 2584864]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-13 417560]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-05-14 2774936]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-05-14 3681688]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-22 21:02:44 ----D---- C:\ProgramData\Sophos
2014-10-22 20:08:56 ----D---- C:\Users\Petr Herman\AppData\Roaming\Spyware Terminator
2014-10-22 20:08:56 ----D---- C:\ProgramData\Spyware Terminator
2014-10-22 20:08:56 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-22 20:08:53 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-10-22 20:04:07 ----AC---- C:\TDSSKiller.3.0.0.40_22.10.2014_20.04.07_log.txt
2014-10-22 19:45:27 ----D---- C:\Program Files (x86)\Softwin
2014-10-22 19:29:24 ----D---- C:\ProgramData\F-Secure
2014-10-22 19:02:14 ----DC---- C:\AdwCleaner
2014-10-22 18:48:40 ----D---- C:\Users\Petr Herman\AppData\Roaming\Opera Software
2014-10-22 18:48:32 ----D---- C:\Program Files (x86)\Opera
2014-10-22 18:46:41 ----SHDC---- C:\$RECYCLE.BIN
2014-10-22 18:31:07 ----SDC---- C:\ComboFix
2014-10-22 17:46:10 ----A---- C:\Windows\wininit.ini
2014-10-22 17:20:26 ----A---- C:\Windows\zip.exe
2014-10-22 17:20:26 ----A---- C:\Windows\SWSC.exe
2014-10-22 17:20:26 ----A---- C:\Windows\SWREG.exe
2014-10-22 17:20:26 ----A---- C:\Windows\sed.exe
2014-10-22 17:20:26 ----A---- C:\Windows\PEV.exe
2014-10-22 17:20:26 ----A---- C:\Windows\NIRCMD.exe
2014-10-22 17:20:26 ----A---- C:\Windows\MBR.exe
2014-10-22 17:20:26 ----A---- C:\Windows\grep.exe
2014-10-22 17:19:34 ----DC---- C:\Qoobox
2014-10-22 17:18:51 ----D---- C:\Windows\erdnt
2014-10-22 16:57:07 ----DC---- C:\Program Files\Speccy
2014-10-22 16:29:35 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-10-22 16:29:35 ----D---- C:\Program Files (x86)\MSBuild
2014-10-22 16:29:32 ----D---- C:\Windows\SYSWOW64\XPSViewer
2014-10-22 16:29:31 ----DC---- C:\Program Files\Reference Assemblies
2014-10-22 16:29:31 ----DC---- C:\Program Files\MSBuild
2014-10-22 16:25:30 ----D---- C:\Program Files (x86)\Marcos Velasco Security
2014-10-22 15:55:31 ----AC---- C:\TDSSKiller.3.0.0.40_22.10.2014_15.55.31_log.txt
2014-10-22 15:51:23 ----AC---- C:\TDSSKiller.3.0.0.40_22.10.2014_15.51.23_log.txt
2014-10-22 15:01:58 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2014-10-22 15:01:56 ----D---- C:\ProgramData\RogueKiller
2014-10-22 13:41:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-22 13:41:40 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-22 12:53:01 ----AC---- C:\autoexec.bat
2014-10-22 12:35:34 ----DC---- C:\Program Files\ESET
2014-10-22 12:35:34 ----D---- C:\ProgramData\ESET
2014-10-22 11:05:42 ----DC---- C:\rsit
2014-10-22 11:05:42 ----DC---- C:\Program Files\trend micro
2014-10-17 03:06:37 ----DC---- C:\1a07ed6190d59251c2a182
2014-10-16 14:55:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 14:55:34 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 14:55:33 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 14:55:30 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 14:55:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:55:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-16 14:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:55:19 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 14:54:51 ----A---- C:\Windows\system32\msi.dll
2014-10-16 14:54:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 14:54:39 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 14:54:29 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 14:54:29 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 14:54:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 14:54:09 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\system32\packager.dll
2014-10-14 13:40:00 ----D---- C:\Program Files (x86)\BlueVoda Website Builder
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys
2014-10-01 15:30:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 15:30:31 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 18:53:41 ----D---- C:\Users\Petr Herman\AppData\Roaming\Cycling '74
2014-09-27 18:53:39 ----D---- C:\Users\Petr Herman\AppData\Roaming\PACE Anti-Piracy
2014-09-27 18:53:39 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files\Propellerhead Software
2014-09-27 18:06:06 ----D---- C:\Users\Petr Herman\AppData\Roaming\Ableton
2014-09-24 19:28:29 ----RSHDC---- C:\boot
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\vxblock.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxwave.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxsfs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxmas.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsa64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxhpinst.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxdrv.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpyi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpya64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxafs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\px.dll
2014-09-24 19:24:32 ----A---- C:\Windows\system32\drivers\psadd.sys
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcp70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2014-09-24 18:06:23 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2014-09-24 14:16:00 ----A---- C:\Windows\system32\rixdicon.dll
2014-09-24 14:16:00 ----A---- C:\Windows\system32\drivers\rixdpx64.sys
2014-09-24 13:13:33 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2014-09-24 12:28:13 ----D---- C:\Users\Petr Herman\AppData\Roaming\DRPSu
2014-09-24 10:57:09 ----A---- C:\Windows\delpw64.cmd
2014-09-24 00:20:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 00:20:51 ----A---- C:\Windows\system32\tzres.dll
2014-09-23 23:53:49 ----A---- C:\Windows\system32\drivers\amdkmafd.sys
2014-09-23 22:58:22 ----A---- C:\Windows\system32\igfxCoIn_v2993.dll
2014-09-23 22:58:20 ----A---- C:\Windows\system32\igfxsrvc.dll
2014-09-23 22:58:17 ----A---- C:\Windows\system32\igfxress.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmrt64.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmjit64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\hccutils.dll
2014-09-23 22:33:15 ----D---- C:\Users\Petr Herman\AppData\Roaming\RHEng
2014-09-23 21:48:35 ----D---- C:\Users\Petr Herman\AppData\Roaming\Easeware
2014-09-23 20:03:09 ----DC---- C:\Windows\system32\DRVSTORE
======List of files/folders modified in the last 1 month======
2014-10-22 23:01:35 ----D---- C:\Windows\Temp
2014-10-22 22:53:12 ----D---- C:\Windows\Prefetch
2014-10-22 22:43:20 ----D---- C:\Windows\System32
2014-10-22 22:43:20 ----D---- C:\Windows\inf
2014-10-22 22:43:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-22 22:42:47 ----D---- C:\Windows\system32\config
2014-10-22 22:41:14 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-22 22:38:49 ----D---- C:\Windows
2014-10-22 22:36:38 ----SHD---- C:\Windows\Installer
2014-10-22 22:36:36 ----RD---- C:\Program Files (x86)
2014-10-22 22:36:00 ----SHD---- C:\System Volume Information
2014-10-22 22:07:51 ----D---- C:\Windows\rescache
2014-10-22 21:02:44 ----HD---- C:\ProgramData
2014-10-22 20:59:16 ----D---- C:\Windows\Tasks
2014-10-22 20:52:55 ----D---- C:\Windows\system32\drivers
2014-10-22 19:45:27 ----D---- C:\Windows\SysWOW64
2014-10-22 18:48:36 ----D---- C:\Windows\system32\Tasks
2014-10-22 18:47:42 ----RDC---- C:\Program Files
2014-10-22 17:57:03 ----D---- C:\Windows\Microsoft.NET
2014-10-22 17:46:13 ----SD---- C:\ProgramData\Microsoft
2014-10-22 17:24:27 ----D---- C:\Windows\Panther
2014-10-22 17:23:44 ----D---- C:\Program Files (x86)\Lenovo
2014-10-22 17:11:45 ----RSD---- C:\Windows\assembly
2014-10-22 17:11:36 ----D---- C:\Windows\Downloaded Installations
2014-10-22 16:30:27 ----D---- C:\Windows\winsxs
2014-10-22 16:29:32 ----D---- C:\Windows\SYSWOW64\wbem
2014-10-22 16:29:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-22 16:29:31 ----RSD---- C:\Windows\Fonts
2014-10-22 16:29:31 ----D---- C:\Windows\system32\wbem
2014-10-22 16:29:31 ----D---- C:\Windows\system32\cs-CZ
2014-10-22 16:28:01 ----DC---- C:\Program Files\Internet Explorer
2014-10-22 16:28:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-22 15:39:49 ----DC---- C:\Program Files\Microsoft Games
2014-10-22 15:39:31 ----D---- C:\Windows\system32\spool
2014-10-22 12:59:10 ----D---- C:\Windows\system32\wdi
2014-10-22 12:48:24 ----D---- C:\Windows\pss
2014-10-22 12:36:45 ----D---- C:\Windows\system32\DriverStore
2014-10-22 12:36:45 ----D---- C:\Windows\system32\catroot
2014-10-22 12:28:24 ----D---- C:\Windows\debug
2014-10-17 12:21:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 12:21:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-17 12:21:09 ----D---- C:\Windows\system32\en-US
2014-10-17 03:03:04 ----D---- C:\Windows\system32\MRT
2014-10-17 03:00:47 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 14:53:49 ----D---- C:\Windows\system32\catroot2
2014-10-10 05:44:35 ----DC---- C:\Program Files\Lenovo
2014-10-07 20:16:57 ----D---- C:\ProgramData\CanonIJPLM
2014-10-02 15:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-30 19:02:18 ----D---- C:\Users\Petr Herman\AppData\Roaming\vlc
2014-09-29 21:15:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files
2014-09-26 04:45:20 ----D---- C:\Users\Petr Herman\AppData\Roaming\Skype
2014-09-24 22:35:16 ----D---- C:\Windows\Help
2014-09-24 19:35:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-24 18:12:35 ----DC---- C:\SWTOOLS
2014-09-24 18:03:41 ----DC---- C:\DRIVERS
2014-09-24 12:27:58 ----D---- C:\Windows\Logs
2014-09-24 11:25:20 ----RD---- C:\Program Files (x86)\Skype
2014-09-24 11:24:44 ----D---- C:\Program Files (x86)\Common Files
2014-09-24 11:24:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-24 11:00:24 ----D---- C:\Windows\PolicyDefinitions
2014-09-24 11:00:24 ----D---- C:\Program Files\Windows Media Player
2014-09-24 11:00:21 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-09-24 10:56:54 ----A---- C:\Windows\systemtype.txt
2014-09-24 04:10:06 ----D---- C:\Windows\SoftwareDistribution
2014-09-24 01:40:20 ----DC---- C:\Program Files\DIFX
2014-09-24 01:40:20 ----DC---- C:\Program Files\Common Files\System
2014-09-24 01:40:18 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-09-24 01:40:18 ----D---- C:\ProgramData\lenovo
2014-09-24 01:40:15 ----D---- C:\Windows\servicing
2014-09-24 01:40:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-09-24 01:40:12 ----HD---- C:\Windows\system32\WLANProfiles
2014-09-24 01:40:11 ----D---- C:\Windows\registration
2014-09-24 00:51:44 ----D---- C:\Users\Petr Herman\AppData\Roaming\LSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2010-05-10 23736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-09-03 67072]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-09-03 54784]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-09-03 57856]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-10-22 51496]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-05 649216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2010-12-17 1493632]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-23 8616960]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-09-24 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2010-12-17 748160]
S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2013-03-14 21600]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-05-03 21712]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-10-22 16152]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2014-10-22 34808]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2010-02-04 174616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-09-29 616288]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-05-14 1146304]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-17 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr Herman at 2014-10-22 23:01:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 206 GB (83%) free of 247 GB
Total RAM: 3032 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:01:37, on 22.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Petr Herman.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8069 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 30010192
\??\C:\Windows\system32\conhost.exe "-21421504901426237739-660326265-103435831710971699-1043640841-1544002889-703391905
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
\??\C:\Windows\system32\conhost.exe "170431632636690285818956538003552042931393673668-571957521-621581705322338063
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
taskeng.exe {20EEB3FD-2FD9-446E-89BA-EE6CA0E60FDF}
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {8119991B-8535-49B2-AC63-607C44227229}
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0xe74_0x3a4_0x62cf3bc1"
"C:\Users\Petr Herman\Desktop\udrzbapc\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-02-04 111640]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-09-29 607584]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2013-05-08 2584864]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-13 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-13 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-13 417560]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-05-14 2774936]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-05-14 3681688]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-22 21:02:44 ----D---- C:\ProgramData\Sophos
2014-10-22 20:08:56 ----D---- C:\Users\Petr Herman\AppData\Roaming\Spyware Terminator
2014-10-22 20:08:56 ----D---- C:\ProgramData\Spyware Terminator
2014-10-22 20:08:56 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-22 20:08:53 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-10-22 20:04:07 ----AC---- C:\TDSSKiller.3.0.0.40_22.10.2014_20.04.07_log.txt
2014-10-22 19:45:27 ----D---- C:\Program Files (x86)\Softwin
2014-10-22 19:29:24 ----D---- C:\ProgramData\F-Secure
2014-10-22 19:02:14 ----DC---- C:\AdwCleaner
2014-10-22 18:48:40 ----D---- C:\Users\Petr Herman\AppData\Roaming\Opera Software
2014-10-22 18:48:32 ----D---- C:\Program Files (x86)\Opera
2014-10-22 18:46:41 ----SHDC---- C:\$RECYCLE.BIN
2014-10-22 18:31:07 ----SDC---- C:\ComboFix
2014-10-22 17:46:10 ----A---- C:\Windows\wininit.ini
2014-10-22 17:20:26 ----A---- C:\Windows\zip.exe
2014-10-22 17:20:26 ----A---- C:\Windows\SWSC.exe
2014-10-22 17:20:26 ----A---- C:\Windows\SWREG.exe
2014-10-22 17:20:26 ----A---- C:\Windows\sed.exe
2014-10-22 17:20:26 ----A---- C:\Windows\PEV.exe
2014-10-22 17:20:26 ----A---- C:\Windows\NIRCMD.exe
2014-10-22 17:20:26 ----A---- C:\Windows\MBR.exe
2014-10-22 17:20:26 ----A---- C:\Windows\grep.exe
2014-10-22 17:19:34 ----DC---- C:\Qoobox
2014-10-22 17:18:51 ----D---- C:\Windows\erdnt
2014-10-22 16:57:07 ----DC---- C:\Program Files\Speccy
2014-10-22 16:29:35 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-10-22 16:29:35 ----D---- C:\Program Files (x86)\MSBuild
2014-10-22 16:29:32 ----D---- C:\Windows\SYSWOW64\XPSViewer
2014-10-22 16:29:31 ----DC---- C:\Program Files\Reference Assemblies
2014-10-22 16:29:31 ----DC---- C:\Program Files\MSBuild
2014-10-22 16:25:30 ----D---- C:\Program Files (x86)\Marcos Velasco Security
2014-10-22 15:55:31 ----AC---- C:\TDSSKiller.3.0.0.40_22.10.2014_15.55.31_log.txt
2014-10-22 15:51:23 ----AC---- C:\TDSSKiller.3.0.0.40_22.10.2014_15.51.23_log.txt
2014-10-22 15:01:58 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2014-10-22 15:01:56 ----D---- C:\ProgramData\RogueKiller
2014-10-22 13:41:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-22 13:41:40 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-22 12:53:01 ----AC---- C:\autoexec.bat
2014-10-22 12:35:34 ----DC---- C:\Program Files\ESET
2014-10-22 12:35:34 ----D---- C:\ProgramData\ESET
2014-10-22 11:05:42 ----DC---- C:\rsit
2014-10-22 11:05:42 ----DC---- C:\Program Files\trend micro
2014-10-17 03:06:37 ----DC---- C:\1a07ed6190d59251c2a182
2014-10-16 14:55:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 14:55:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 14:55:34 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 14:55:33 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 14:55:33 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 14:55:30 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 14:55:29 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-16 14:55:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 14:55:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 14:55:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 14:55:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-16 14:55:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 14:55:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 14:55:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 14:55:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 14:55:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 14:55:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-16 14:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 14:55:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 14:55:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 14:55:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 14:55:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 14:55:19 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:55:19 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 14:54:51 ----A---- C:\Windows\system32\msi.dll
2014-10-16 14:54:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 14:54:39 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 14:54:29 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 14:54:29 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 14:54:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 14:54:20 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 14:54:09 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 14:54:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 14:54:08 ----A---- C:\Windows\system32\packager.dll
2014-10-14 13:40:00 ----D---- C:\Program Files (x86)\BlueVoda Website Builder
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 08:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys
2014-10-01 15:30:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 15:30:31 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 18:53:41 ----D---- C:\Users\Petr Herman\AppData\Roaming\Cycling '74
2014-09-27 18:53:39 ----D---- C:\Users\Petr Herman\AppData\Roaming\PACE Anti-Piracy
2014-09-27 18:53:39 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files\Propellerhead Software
2014-09-27 18:06:06 ----D---- C:\Users\Petr Herman\AppData\Roaming\Ableton
2014-09-24 19:28:29 ----RSHDC---- C:\boot
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\vxblock.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxwave.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxsfs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxmas.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxinsa64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxhpinst.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxdrv.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpyi64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxcpya64.exe
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\pxafs.dll
2014-09-24 19:27:19 ----N---- C:\Windows\SYSWOW64\px.dll
2014-09-24 19:24:32 ----A---- C:\Windows\system32\drivers\psadd.sys
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\msvcp70.dll
2014-09-24 19:18:57 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2014-09-24 18:06:23 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2014-09-24 14:16:00 ----A---- C:\Windows\system32\rixdicon.dll
2014-09-24 14:16:00 ----A---- C:\Windows\system32\drivers\rixdpx64.sys
2014-09-24 13:13:33 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2014-09-24 12:28:13 ----D---- C:\Users\Petr Herman\AppData\Roaming\DRPSu
2014-09-24 10:57:09 ----A---- C:\Windows\delpw64.cmd
2014-09-24 00:20:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 00:20:51 ----A---- C:\Windows\system32\tzres.dll
2014-09-23 23:53:49 ----A---- C:\Windows\system32\drivers\amdkmafd.sys
2014-09-23 22:58:22 ----A---- C:\Windows\system32\igfxCoIn_v2993.dll
2014-09-23 22:58:20 ----A---- C:\Windows\system32\igfxsrvc.dll
2014-09-23 22:58:17 ----A---- C:\Windows\system32\igfxress.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmrt64.dll
2014-09-23 22:58:13 ----A---- C:\Windows\system32\igfxcmjit64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2014-09-23 22:58:00 ----A---- C:\Windows\system32\hccutils.dll
2014-09-23 22:33:15 ----D---- C:\Users\Petr Herman\AppData\Roaming\RHEng
2014-09-23 21:48:35 ----D---- C:\Users\Petr Herman\AppData\Roaming\Easeware
2014-09-23 20:03:09 ----DC---- C:\Windows\system32\DRVSTORE
======List of files/folders modified in the last 1 month======
2014-10-22 23:01:35 ----D---- C:\Windows\Temp
2014-10-22 22:53:12 ----D---- C:\Windows\Prefetch
2014-10-22 22:43:20 ----D---- C:\Windows\System32
2014-10-22 22:43:20 ----D---- C:\Windows\inf
2014-10-22 22:43:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-22 22:42:47 ----D---- C:\Windows\system32\config
2014-10-22 22:41:14 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-22 22:38:49 ----D---- C:\Windows
2014-10-22 22:36:38 ----SHD---- C:\Windows\Installer
2014-10-22 22:36:36 ----RD---- C:\Program Files (x86)
2014-10-22 22:36:00 ----SHD---- C:\System Volume Information
2014-10-22 22:07:51 ----D---- C:\Windows\rescache
2014-10-22 21:02:44 ----HD---- C:\ProgramData
2014-10-22 20:59:16 ----D---- C:\Windows\Tasks
2014-10-22 20:52:55 ----D---- C:\Windows\system32\drivers
2014-10-22 19:45:27 ----D---- C:\Windows\SysWOW64
2014-10-22 18:48:36 ----D---- C:\Windows\system32\Tasks
2014-10-22 18:47:42 ----RDC---- C:\Program Files
2014-10-22 17:57:03 ----D---- C:\Windows\Microsoft.NET
2014-10-22 17:46:13 ----SD---- C:\ProgramData\Microsoft
2014-10-22 17:24:27 ----D---- C:\Windows\Panther
2014-10-22 17:23:44 ----D---- C:\Program Files (x86)\Lenovo
2014-10-22 17:11:45 ----RSD---- C:\Windows\assembly
2014-10-22 17:11:36 ----D---- C:\Windows\Downloaded Installations
2014-10-22 16:30:27 ----D---- C:\Windows\winsxs
2014-10-22 16:29:32 ----D---- C:\Windows\SYSWOW64\wbem
2014-10-22 16:29:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-22 16:29:31 ----RSD---- C:\Windows\Fonts
2014-10-22 16:29:31 ----D---- C:\Windows\system32\wbem
2014-10-22 16:29:31 ----D---- C:\Windows\system32\cs-CZ
2014-10-22 16:28:01 ----DC---- C:\Program Files\Internet Explorer
2014-10-22 16:28:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-22 15:39:49 ----DC---- C:\Program Files\Microsoft Games
2014-10-22 15:39:31 ----D---- C:\Windows\system32\spool
2014-10-22 12:59:10 ----D---- C:\Windows\system32\wdi
2014-10-22 12:48:24 ----D---- C:\Windows\pss
2014-10-22 12:36:45 ----D---- C:\Windows\system32\DriverStore
2014-10-22 12:36:45 ----D---- C:\Windows\system32\catroot
2014-10-22 12:28:24 ----D---- C:\Windows\debug
2014-10-17 12:21:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 12:21:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-17 12:21:09 ----D---- C:\Windows\system32\en-US
2014-10-17 03:03:04 ----D---- C:\Windows\system32\MRT
2014-10-17 03:00:47 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 14:53:49 ----D---- C:\Windows\system32\catroot2
2014-10-10 05:44:35 ----DC---- C:\Program Files\Lenovo
2014-10-07 20:16:57 ----D---- C:\ProgramData\CanonIJPLM
2014-10-02 15:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-30 19:02:18 ----D---- C:\Users\Petr Herman\AppData\Roaming\vlc
2014-09-29 21:15:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-09-27 18:06:07 ----DC---- C:\Program Files\Common Files
2014-09-26 04:45:20 ----D---- C:\Users\Petr Herman\AppData\Roaming\Skype
2014-09-24 22:35:16 ----D---- C:\Windows\Help
2014-09-24 19:35:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-24 18:12:35 ----DC---- C:\SWTOOLS
2014-09-24 18:03:41 ----DC---- C:\DRIVERS
2014-09-24 12:27:58 ----D---- C:\Windows\Logs
2014-09-24 11:25:20 ----RD---- C:\Program Files (x86)\Skype
2014-09-24 11:24:44 ----D---- C:\Program Files (x86)\Common Files
2014-09-24 11:24:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-09-24 11:00:24 ----D---- C:\Windows\PolicyDefinitions
2014-09-24 11:00:24 ----D---- C:\Program Files\Windows Media Player
2014-09-24 11:00:21 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-09-24 10:56:54 ----A---- C:\Windows\systemtype.txt
2014-09-24 04:10:06 ----D---- C:\Windows\SoftwareDistribution
2014-09-24 01:40:20 ----DC---- C:\Program Files\DIFX
2014-09-24 01:40:20 ----DC---- C:\Program Files\Common Files\System
2014-09-24 01:40:18 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-09-24 01:40:18 ----D---- C:\ProgramData\lenovo
2014-09-24 01:40:15 ----D---- C:\Windows\servicing
2014-09-24 01:40:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-09-24 01:40:12 ----HD---- C:\Windows\system32\WLANProfiles
2014-09-24 01:40:11 ----D---- C:\Windows\registration
2014-09-24 00:51:44 ----D---- C:\Users\Petr Herman\AppData\Roaming\LSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2010-05-10 23736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-09-03 67072]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-09-03 54784]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-09-03 57856]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-10-22 51496]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-05 649216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2010-12-17 1493632]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-23 8616960]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-09-24 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2010-12-17 748160]
S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2013-03-14 21600]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-05-03 21712]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-10-22 16152]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2014-10-22 34808]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2010-02-04 174616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-09-29 616288]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-05-14 1146304]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-17 262320]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: please check my log - overloaded CPU, occasional sudden rest
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Why are you running ComboFix, a utility intended only for professionals? Do you intend to damage your system or some application?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check my log - overloaded CPU, occasional sudden rest
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr Herman at 2014-10-26 13:29:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 203 GB (82%) free of 247 GB
Total RAM: 3032 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:29:26, on 26.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Petr Herman.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CPUMon] C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8312 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 35727872
\??\C:\Windows\system32\conhost.exe "1354267481-207555360-1735760952357866154149116660-2265021951742849719931677717
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe "-185946072-212934552080669754244851304-138464443618292818751136563999-1642429690
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {3082091F-02A1-458A-8A04-5E5A7C20A1AA}
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
taskeng.exe {95CA29A4-DCF6-4503-A727-4D38AD8F54B0}
C:\Windows\Explorer.EXE
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=gpu-process --channel="5912.0.1328037966\1584812860" --enable-proprietary-media-types-playback --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2555 --enable-proprietary-media-types-playback --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.2.1147585114\1013662802" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.4.2125783243\993048516" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.6.151132707\478124487" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.7.1225295132\1009034652" /prefetch:673131151
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Users\Petr Herman\Desktop\udrzbapc\RSITx64.exe"
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-02-04 111640]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-09-29 607584]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2013-05-08 2584864]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-06 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-06 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-06 417560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"CPUMon"=C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe [2002-02-23 720384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-26 13:18:15 ----DC---- C:\_OTM
2014-10-26 13:13:34 ----DC---- C:\rsit
2014-10-24 11:16:32 ----DC---- C:\Program Files\paint.net
2014-10-23 15:21:49 ----D---- C:\Program Files (x86)\iWEB Studio
2014-10-23 15:21:33 ----A---- C:\Windows\GPInstall.exe
2014-10-23 14:50:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-23 14:49:15 ----D---- C:\ProgramData\CheckPoint
2014-10-22 20:02:44 ----D---- C:\ProgramData\Sophos
2014-10-22 19:08:56 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-22 18:29:24 ----D---- C:\ProgramData\F-Secure
2014-10-22 18:02:14 ----DC---- C:\AdwCleaner
2014-10-22 17:48:40 ----D---- C:\Users\Petr Herman\AppData\Roaming\Opera Software
2014-10-22 17:48:32 ----D---- C:\Program Files (x86)\Opera
2014-10-22 17:46:41 ----SHDC---- C:\$RECYCLE.BIN
2014-10-22 16:46:10 ----A---- C:\Windows\wininit.ini
2014-10-22 16:20:26 ----A---- C:\Windows\zip.exe
2014-10-22 16:20:26 ----A---- C:\Windows\SWSC.exe
2014-10-22 16:20:26 ----A---- C:\Windows\SWREG.exe
2014-10-22 16:20:26 ----A---- C:\Windows\sed.exe
2014-10-22 16:20:26 ----A---- C:\Windows\PEV.exe
2014-10-22 16:20:26 ----A---- C:\Windows\NIRCMD.exe
2014-10-22 16:20:26 ----A---- C:\Windows\MBR.exe
2014-10-22 16:20:26 ----A---- C:\Windows\grep.exe
2014-10-22 16:18:51 ----D---- C:\Windows\erdnt
2014-10-22 15:57:07 ----DC---- C:\Program Files\Speccy
2014-10-22 15:29:35 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-10-22 15:29:35 ----D---- C:\Program Files (x86)\MSBuild
2014-10-22 15:29:32 ----D---- C:\Windows\SYSWOW64\XPSViewer
2014-10-22 15:29:31 ----DC---- C:\Program Files\Reference Assemblies
2014-10-22 15:29:31 ----DC---- C:\Program Files\MSBuild
2014-10-22 15:25:30 ----D---- C:\Program Files (x86)\Marcos Velasco Security
2014-10-22 14:01:58 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2014-10-22 14:01:56 ----D---- C:\ProgramData\RogueKiller
2014-10-22 12:41:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-22 11:53:01 ----AC---- C:\autoexec.bat
2014-10-22 11:35:34 ----DC---- C:\Program Files\ESET
2014-10-22 11:35:34 ----D---- C:\ProgramData\ESET
2014-10-22 10:05:42 ----DC---- C:\Program Files\trend micro
2014-10-17 02:06:37 ----DC---- C:\1a07ed6190d59251c2a182
2014-10-16 13:55:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 13:55:34 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 13:55:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 13:55:34 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 13:55:33 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 13:55:33 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 13:55:33 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 13:55:30 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 13:55:29 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 13:55:29 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 13:55:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 13:55:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-16 13:55:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 13:55:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 13:55:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-16 13:55:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-16 13:55:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 13:55:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 13:55:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 13:55:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 13:55:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-16 13:55:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 13:55:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 13:55:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 13:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 13:55:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 13:55:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 13:55:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 13:55:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 13:55:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-16 13:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 13:55:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 13:55:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 13:55:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 13:55:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 13:55:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 13:55:19 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 13:55:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 13:55:19 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 13:54:51 ----A---- C:\Windows\system32\msi.dll
2014-10-16 13:54:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 13:54:39 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 13:54:29 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 13:54:29 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 13:54:20 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 13:54:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-16 13:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 13:54:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 13:54:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 13:54:20 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 13:54:09 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 13:54:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 13:54:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 13:54:08 ----A---- C:\Windows\system32\packager.dll
2014-10-14 12:40:00 ----D---- C:\Program Files (x86)\BlueVoda Website Builder
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys
2014-10-01 14:30:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 14:30:31 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 17:53:41 ----D---- C:\Users\Petr Herman\AppData\Roaming\Cycling '74
2014-09-27 17:53:39 ----D---- C:\Users\Petr Herman\AppData\Roaming\PACE Anti-Piracy
2014-09-27 17:53:39 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-09-27 17:06:07 ----DC---- C:\Program Files\Common Files\Propellerhead Software
2014-09-27 17:06:06 ----D---- C:\Users\Petr Herman\AppData\Roaming\Ableton
======List of files/folders modified in the last 1 month======
2014-10-26 13:29:23 ----D---- C:\Windows\Temp
2014-10-26 13:29:21 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-26 13:23:36 ----D---- C:\Windows\Prefetch
2014-10-26 13:22:32 ----D---- C:\Windows
2014-10-26 13:19:02 ----D---- C:\Windows\system32\config
2014-10-26 13:18:41 ----D---- C:\Windows\SysWOW64
2014-10-26 13:15:20 ----D---- C:\Windows\System32
2014-10-26 13:15:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-26 13:15:19 ----D---- C:\Windows\inf
2014-10-24 11:34:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-24 11:20:16 ----D---- C:\Windows\system32\Tasks
2014-10-24 11:20:12 ----SHD---- C:\Windows\Installer
2014-10-24 11:20:12 ----RD---- C:\Program Files (x86)
2014-10-24 11:20:11 ----D---- C:\Windows\Tasks
2014-10-24 11:19:31 ----SHD---- C:\System Volume Information
2014-10-24 11:18:38 ----D---- C:\Windows\Microsoft.NET
2014-10-24 11:18:25 ----RSD---- C:\Windows\assembly
2014-10-24 11:16:32 ----RDC---- C:\Program Files
2014-10-24 10:38:18 ----D---- C:\Windows\system32\drivers
2014-10-23 15:32:08 ----D---- C:\Program Files (x86)\Lenovo
2014-10-23 15:32:07 ----D---- C:\Windows\Help
2014-10-23 15:04:51 ----D---- C:\Windows\system32\DriverStore
2014-10-23 15:04:51 ----D---- C:\Windows\system32\catroot
2014-10-23 14:52:01 ----D---- C:\Windows\winsxs
2014-10-23 14:49:15 ----HD---- C:\ProgramData
2014-10-23 14:05:32 ----D---- C:\Windows\system32\catroot2
2014-10-23 13:26:00 ----DC---- C:\PerfLogs
2014-10-23 12:55:11 ----D---- C:\Users\Petr Herman\AppData\Roaming\LSC
2014-10-23 12:48:37 ----DC---- C:\Program Files\Lenovo
2014-10-23 12:47:21 ----D---- C:\Windows\Downloaded Installations
2014-10-22 21:07:51 ----D---- C:\Windows\rescache
2014-10-22 16:46:13 ----SD---- C:\ProgramData\Microsoft
2014-10-22 16:24:27 ----D---- C:\Windows\Panther
2014-10-22 15:29:32 ----D---- C:\Windows\SYSWOW64\wbem
2014-10-22 15:29:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-22 15:29:31 ----RSD---- C:\Windows\Fonts
2014-10-22 15:29:31 ----D---- C:\Windows\system32\wbem
2014-10-22 15:29:31 ----D---- C:\Windows\system32\cs-CZ
2014-10-22 15:28:01 ----DC---- C:\Program Files\Internet Explorer
2014-10-22 15:28:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-22 14:39:49 ----DC---- C:\Program Files\Microsoft Games
2014-10-22 14:39:31 ----D---- C:\Windows\system32\spool
2014-10-22 11:59:10 ----D---- C:\Windows\system32\wdi
2014-10-22 11:48:24 ----D---- C:\Windows\pss
2014-10-22 11:28:24 ----D---- C:\Windows\debug
2014-10-17 11:21:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 11:21:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-17 11:21:09 ----D---- C:\Windows\system32\en-US
2014-10-17 02:03:04 ----D---- C:\Windows\system32\MRT
2014-10-17 02:00:47 ----A---- C:\Windows\system32\MRT.exe
2014-10-07 19:16:57 ----D---- C:\ProgramData\CanonIJPLM
2014-10-02 14:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-30 18:02:18 ----D---- C:\Users\Petr Herman\AppData\Roaming\vlc
2014-09-29 20:15:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-09-27 17:06:07 ----DC---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2010-05-10 23736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-09-03 67072]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-09-03 54784]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-09-03 57856]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-05 649216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2010-12-17 1493632]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-23 8616960]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-09-24 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2010-12-17 748160]
S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2013-03-14 21600]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-05-03 21712]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-10-24 16152]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2014-10-23 34808]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2010-02-04 174616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-09-29 616288]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-24 267440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Petr Herman at 2014-10-26 13:29:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 203 GB (82%) free of 247 GB
Total RAM: 3032 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:29:26, on 26.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Petr Herman.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CPUMon] C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8312 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 35727872
\??\C:\Windows\system32\conhost.exe "1354267481-207555360-1735760952357866154149116660-2265021951742849719931677717
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe "-185946072-212934552080669754244851304-138464443618292818751136563999-1642429690
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {3082091F-02A1-458A-8A04-5E5A7C20A1AA}
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\LENOVO\HOTKEY\shtctky.exe
taskeng.exe {95CA29A4-DCF6-4503-A727-4D38AD8F54B0}
C:\Windows\Explorer.EXE
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=gpu-process --channel="5912.0.1328037966\1584812860" --enable-proprietary-media-types-playback --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2555 --enable-proprietary-media-types-playback --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.2.1147585114\1013662802" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.4.2125783243\993048516" /prefetch:673131151
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.6.151132707\478124487" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Opera\25.0.1614.50\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="5912.7.1225295132\1009034652" /prefetch:673131151
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Users\Petr Herman\Desktop\udrzbapc\RSITx64.exe"
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-02-04 111640]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2014-02-17 384344]
"AcWin7Hlpr"=C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [2014-03-14 63832]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2014-09-29 607584]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2013-05-08 2584864]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-06 162584]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-06 386840]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-06 417560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"CPUMon"=C:\Program Files (x86)\iWEB Studio\CPUMon\CPUMon.exe [2002-02-23 720384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-13 272896]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\07297893.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-26 13:18:15 ----DC---- C:\_OTM
2014-10-26 13:13:34 ----DC---- C:\rsit
2014-10-24 11:16:32 ----DC---- C:\Program Files\paint.net
2014-10-23 15:21:49 ----D---- C:\Program Files (x86)\iWEB Studio
2014-10-23 15:21:33 ----A---- C:\Windows\GPInstall.exe
2014-10-23 14:50:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-23 14:49:15 ----D---- C:\ProgramData\CheckPoint
2014-10-22 20:02:44 ----D---- C:\ProgramData\Sophos
2014-10-22 19:08:56 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-10-22 18:29:24 ----D---- C:\ProgramData\F-Secure
2014-10-22 18:02:14 ----DC---- C:\AdwCleaner
2014-10-22 17:48:40 ----D---- C:\Users\Petr Herman\AppData\Roaming\Opera Software
2014-10-22 17:48:32 ----D---- C:\Program Files (x86)\Opera
2014-10-22 17:46:41 ----SHDC---- C:\$RECYCLE.BIN
2014-10-22 16:46:10 ----A---- C:\Windows\wininit.ini
2014-10-22 16:20:26 ----A---- C:\Windows\zip.exe
2014-10-22 16:20:26 ----A---- C:\Windows\SWSC.exe
2014-10-22 16:20:26 ----A---- C:\Windows\SWREG.exe
2014-10-22 16:20:26 ----A---- C:\Windows\sed.exe
2014-10-22 16:20:26 ----A---- C:\Windows\PEV.exe
2014-10-22 16:20:26 ----A---- C:\Windows\NIRCMD.exe
2014-10-22 16:20:26 ----A---- C:\Windows\MBR.exe
2014-10-22 16:20:26 ----A---- C:\Windows\grep.exe
2014-10-22 16:18:51 ----D---- C:\Windows\erdnt
2014-10-22 15:57:07 ----DC---- C:\Program Files\Speccy
2014-10-22 15:29:35 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-10-22 15:29:35 ----D---- C:\Program Files (x86)\MSBuild
2014-10-22 15:29:32 ----D---- C:\Windows\SYSWOW64\XPSViewer
2014-10-22 15:29:31 ----DC---- C:\Program Files\Reference Assemblies
2014-10-22 15:29:31 ----DC---- C:\Program Files\MSBuild
2014-10-22 15:25:30 ----D---- C:\Program Files (x86)\Marcos Velasco Security
2014-10-22 14:01:58 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2014-10-22 14:01:56 ----D---- C:\ProgramData\RogueKiller
2014-10-22 12:41:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-10-22 11:53:01 ----AC---- C:\autoexec.bat
2014-10-22 11:35:34 ----DC---- C:\Program Files\ESET
2014-10-22 11:35:34 ----D---- C:\ProgramData\ESET
2014-10-22 10:05:42 ----DC---- C:\Program Files\trend micro
2014-10-17 02:06:37 ----DC---- C:\1a07ed6190d59251c2a182
2014-10-16 13:55:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 13:55:34 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 13:55:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 13:55:34 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 13:55:33 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 13:55:33 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 13:55:33 ----A---- C:\Windows\system32\dfshim.dll
2014-10-16 13:55:30 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 13:55:29 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 13:55:29 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 13:55:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 13:55:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-16 13:55:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 13:55:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\iernonce.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-16 13:55:27 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 13:55:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 13:55:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-16 13:55:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-16 13:55:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 13:55:25 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 13:55:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 13:55:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 13:55:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-16 13:55:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 13:55:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 13:55:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 13:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-10-16 13:55:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-16 13:55:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-16 13:55:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-16 13:55:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 13:55:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-16 13:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 13:55:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 13:55:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-16 13:55:22 ----A---- C:\Windows\system32\ieui.dll
2014-10-16 13:55:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 13:55:21 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-16 13:55:21 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 13:55:20 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 13:55:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 13:55:19 ----A---- C:\Windows\system32\msrating.dll
2014-10-16 13:55:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 13:55:19 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 13:54:51 ----A---- C:\Windows\system32\msi.dll
2014-10-16 13:54:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 13:54:39 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-16 13:54:29 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 13:54:29 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 13:54:20 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-16 13:54:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-16 13:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 13:54:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 13:54:20 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 13:54:20 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 13:54:20 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 13:54:09 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 13:54:08 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 13:54:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 13:54:08 ----A---- C:\Windows\system32\packager.dll
2014-10-14 12:40:00 ----D---- C:\Program Files (x86)\BlueVoda Website Builder
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\epfw.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\edevmon.sys
2014-10-10 07:59:12 ----A---- C:\Windows\system32\drivers\eamonm.sys
2014-10-01 14:30:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 14:30:31 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 17:53:41 ----D---- C:\Users\Petr Herman\AppData\Roaming\Cycling '74
2014-09-27 17:53:39 ----D---- C:\Users\Petr Herman\AppData\Roaming\PACE Anti-Piracy
2014-09-27 17:53:39 ----D---- C:\ProgramData\PACE Anti-Piracy
2014-09-27 17:06:07 ----DC---- C:\Program Files\Common Files\Propellerhead Software
2014-09-27 17:06:06 ----D---- C:\Users\Petr Herman\AppData\Roaming\Ableton
======List of files/folders modified in the last 1 month======
2014-10-26 13:29:23 ----D---- C:\Windows\Temp
2014-10-26 13:29:21 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-26 13:23:36 ----D---- C:\Windows\Prefetch
2014-10-26 13:22:32 ----D---- C:\Windows
2014-10-26 13:19:02 ----D---- C:\Windows\system32\config
2014-10-26 13:18:41 ----D---- C:\Windows\SysWOW64
2014-10-26 13:15:20 ----D---- C:\Windows\System32
2014-10-26 13:15:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-26 13:15:19 ----D---- C:\Windows\inf
2014-10-24 11:34:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-24 11:20:16 ----D---- C:\Windows\system32\Tasks
2014-10-24 11:20:12 ----SHD---- C:\Windows\Installer
2014-10-24 11:20:12 ----RD---- C:\Program Files (x86)
2014-10-24 11:20:11 ----D---- C:\Windows\Tasks
2014-10-24 11:19:31 ----SHD---- C:\System Volume Information
2014-10-24 11:18:38 ----D---- C:\Windows\Microsoft.NET
2014-10-24 11:18:25 ----RSD---- C:\Windows\assembly
2014-10-24 11:16:32 ----RDC---- C:\Program Files
2014-10-24 10:38:18 ----D---- C:\Windows\system32\drivers
2014-10-23 15:32:08 ----D---- C:\Program Files (x86)\Lenovo
2014-10-23 15:32:07 ----D---- C:\Windows\Help
2014-10-23 15:04:51 ----D---- C:\Windows\system32\DriverStore
2014-10-23 15:04:51 ----D---- C:\Windows\system32\catroot
2014-10-23 14:52:01 ----D---- C:\Windows\winsxs
2014-10-23 14:49:15 ----HD---- C:\ProgramData
2014-10-23 14:05:32 ----D---- C:\Windows\system32\catroot2
2014-10-23 13:26:00 ----DC---- C:\PerfLogs
2014-10-23 12:55:11 ----D---- C:\Users\Petr Herman\AppData\Roaming\LSC
2014-10-23 12:48:37 ----DC---- C:\Program Files\Lenovo
2014-10-23 12:47:21 ----D---- C:\Windows\Downloaded Installations
2014-10-22 21:07:51 ----D---- C:\Windows\rescache
2014-10-22 16:46:13 ----SD---- C:\ProgramData\Microsoft
2014-10-22 16:24:27 ----D---- C:\Windows\Panther
2014-10-22 15:29:32 ----D---- C:\Windows\SYSWOW64\wbem
2014-10-22 15:29:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-22 15:29:31 ----RSD---- C:\Windows\Fonts
2014-10-22 15:29:31 ----D---- C:\Windows\system32\wbem
2014-10-22 15:29:31 ----D---- C:\Windows\system32\cs-CZ
2014-10-22 15:28:01 ----DC---- C:\Program Files\Internet Explorer
2014-10-22 15:28:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-22 14:39:49 ----DC---- C:\Program Files\Microsoft Games
2014-10-22 14:39:31 ----D---- C:\Windows\system32\spool
2014-10-22 11:59:10 ----D---- C:\Windows\system32\wdi
2014-10-22 11:48:24 ----D---- C:\Windows\pss
2014-10-22 11:28:24 ----D---- C:\Windows\debug
2014-10-17 11:21:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 11:21:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-17 11:21:09 ----D---- C:\Windows\system32\en-US
2014-10-17 02:03:04 ----D---- C:\Windows\system32\MRT
2014-10-17 02:00:47 ----A---- C:\Windows\system32\MRT.exe
2014-10-07 19:16:57 ----D---- C:\ProgramData\CanonIJPLM
2014-10-02 14:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-30 18:02:18 ----D---- C:\Users\Petr Herman\AppData\Roaming\vlc
2014-09-29 20:15:20 ----DC---- C:\Program Files\Common Files\Microsoft Shared
2014-09-27 17:06:07 ----DC---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 23944]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2014-01-29 152888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2014-01-29 29496]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2013-05-22 15472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2010-05-10 23736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-09-03 67072]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-09-03 54784]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-09-03 57856]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-05 649216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2010-12-17 1493632]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 57144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-23 8616960]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2014-09-24 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-11-15 461040]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2010-12-17 748160]
S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2013-03-14 21600]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 30088]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-05-03 21712]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-10-24 16152]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2014-10-23 34808]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [2014-03-14 133464]
R2 AcSvc;AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [2014-03-14 272728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-02-08 621296]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 68440]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2010-02-04 174616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-02-08 149744]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2014-09-29 616288]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2014-06-10 125424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2014-05-27 125488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2014-05-27 110128]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-24 267440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-02-08 273136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-06-18 24560]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2014-01-29 49976]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: please check my log - overloaded CPU, occasional sudden rest
Regarding ComboFix: I tried various programs to diagnose it; after reading the recommendations on the forum I now know that was not a good step, and I won't get into anything like that again. However, I don't think I even managed to run ComboFix. After OTM the computer restarted and then shut itself down twice in a row; now I have finally managed to connect here. New RSIT log above.
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log - overloaded CPU, occasional sudden rest
Everything was deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: please check my log - overloaded CPU, occasional sudden rest
I apologize for replying only now. CPU load has dropped, but it is still around 50. I also tried spyterminator, which found nothing. I know your opinion of programs like SpyHunter, but I tried that one too and it found 270 infections; apart from two files, everything is in registry keys, and they are programs I know I had on the computer. ESET or Malwarebytes sent them to quarantine, yet SpyHunter reports an infection. I am attaching the list that SpyHunter produced; I am not planning to get its full version, nor did I clean anything, so please take a look. Thanks.
- Attachments
- obraz.jpg (143.34 KiB) Viewed 1027 times
- Rudy
- Site Admin
Re: please check my log - overloaded CPU, occasional sudden rest
What was found really is junk. Otherwise, though, we do not support programs like SpyHunter in any way; they often see a problem where there is none.
Re: please check my log - overloaded CPU, occasional sudden rest
Yes, I read about that; I did not use the fix, and besides it is only in the paid version. In any case, how can I remove it? Could that be what is loading the processor?
- Rudy
- Site Admin
Re: please check my log - overloaded CPU, occasional sudden rest
Run this scan: http://www.malwarebytes.org/mbam.php . Post the log; do not delete anything beforehand.
Re: please check my log - overloaded CPU, occasional sudden rest
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 1.11.2014
Čas skenování: 22:46:57
Protokol: log.txt
Správce: Ano
Verze: 2.00.3.1025
Databáze malwaru: v2014.11.01.08
Databáze rootkitů: v2014.11.01.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr Herman
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 304740
Uplynulý čas: 9 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
- Rudy
- Site Admin
Re: please check my log - overloaded CPU, occasional sudden rest
So there is nothing there, and it is once again clear that SpyHunter is talking nonsense. At least you can see what kind of program it is.