Snizeni vykonu

Zpráva

Rolandman · #1 Příspěvek od **Rolandman** » 06 pro 2012 12:32

Zdravim,dneska mi ps vyhodil zpravu ze doslo ke snizeni vykonu a dal mi na vyber jestli nechci zmenit schenma windows 7 na basic..neco jsem cetl a pry to muze byt neco na základni desce,EPU nebo co,muzete mi prosim poradit,predem děkuji

#2 Příspěvek od **Rudy** » 06 pro 2012 19:32

Také zdravím!
Dejte log RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . Možná, že se něco dovíme.

Rolandman · #3 Příspěvek od **Rolandman** » 07 pro 2012 06:06

Tak tady to je

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2012-12-07 06:06:35
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 9 GB (20%) free of 45 GB
Total RAM: 4095 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:06:38, on 7.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
D:\Programy\avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Program Files\trend micro\Jakub.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast] "D:\Programy\avast\avastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\Programy\office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\office\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6570 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Programy\avast\AvastSvc.exe"
atieclxx
taskeng.exe {156E6D52-2303-457B-93EC-7511680DBE07}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Web Assistant\ExtensionUpdaterService.exe"
C:\Windows\system32\dmwu.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2456
"D:\Programy\avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3860.5402900.349378056 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3860 "\\.\pipe\gecko-crash-server-pipe.3860" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe" --proxy-stub-channel=Flash3412.6D8D3AA0.41 --host-broker-channel=Flash3412.6D8D3AA0.18467 --host-pid=3412 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe" --channel=1608.0036F414.1375206385 --proxy-stub-channel=Flash3412.6D8D3AA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\wuauclt.exe"
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jakub\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\tdjrh47j.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - D:\Programy\avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-09 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-09 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2012-09-03 167256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\Programy\avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - D:\Programy\avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\Programy\avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 641704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader]
D:\Programy\VDownloader\VDownloader.exe [2012-09-27 881664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"avast"=D:\Programy\avast\avastUI.exe [2012-10-30 4297136]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2029-11-23 16:57:12 ----A---- C:\Windows\system32\drivers\aswSP.sys
2029-11-23 16:57:12 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2029-11-23 16:57:05 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2029-11-23 16:57:04 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2029-11-23 16:57:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2029-11-23 16:57:02 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2029-11-23 16:57:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-11-25 20:54:22 ----SHD---- C:\$RECYCLE.BIN
2012-11-25 19:22:57 ----D---- C:\ProgramData\ATI
2012-11-25 19:22:55 ----D---- C:\Program Files (x86)\AMD AVT
2012-11-25 19:22:11 ----D---- C:\Program Files (x86)\ATI Technologies
2012-11-25 13:23:34 ----D---- C:\Windows\temp
2012-11-25 12:05:58 ----D---- C:\Windows\erdnt
2012-11-24 17:08:19 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-24 17:08:19 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-24 17:08:19 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-24 17:06:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-24 17:06:56 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-24 17:06:56 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2012-11-24 17:06:53 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2012-11-24 17:06:53 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2012-11-24 17:06:49 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2012-11-24 17:06:49 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2012-11-24 17:06:49 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2012-11-24 17:06:49 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-11-24 17:06:49 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2012-11-24 17:06:49 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\wksprtPS.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\wksprt.exe
2012-11-24 17:06:49 ----A---- C:\Windows\system32\TSWbPrxy.exe
2012-11-24 17:06:49 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\tsgqec.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\rdpudd.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\rdpendp_winip.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\mstsc.exe
2012-11-24 17:06:49 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2012-11-24 17:06:49 ----A---- C:\Windows\system32\aaclient.dll
2012-11-24 17:06:48 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-11-24 17:06:48 ----A---- C:\Windows\system32\rdpcorets.dll
2012-11-24 17:06:48 ----A---- C:\Windows\system32\mstscax.dll
2012-11-24 17:01:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-24 17:01:36 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-24 17:01:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-24 17:01:35 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-24 17:01:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-24 17:01:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-24 17:01:35 ----A---- C:\Windows\system32\url.dll
2012-11-24 17:01:35 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-24 17:01:35 ----A---- C:\Windows\system32\ieui.dll
2012-11-24 17:01:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-24 17:01:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-24 17:01:34 ----A---- C:\Windows\system32\urlmon.dll
2012-11-24 17:01:34 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-24 17:01:34 ----A---- C:\Windows\system32\jscript9.dll
2012-11-24 17:01:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-24 17:01:33 ----A---- C:\Windows\system32\wininet.dll
2012-11-24 17:01:33 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-24 17:01:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-24 17:01:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-24 17:01:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-24 17:01:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-24 17:01:32 ----A---- C:\Windows\system32\vbscript.dll
2012-11-24 17:01:32 ----A---- C:\Windows\system32\jscript.dll
2012-11-24 17:01:32 ----A---- C:\Windows\system32\iertutil.dll
2012-11-24 17:01:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-24 17:01:30 ----A---- C:\Windows\system32\mshtml.dll
2012-11-24 17:01:29 ----A---- C:\Windows\system32\ieframe.dll
2012-11-24 17:01:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-24 16:59:33 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-24 16:59:33 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-24 16:59:32 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-24 16:59:32 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-24 16:59:32 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-24 16:59:31 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-24 16:59:31 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-24 16:57:28 ----A---- C:\Windows\system32\msxml6.dll
2012-11-24 16:57:27 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-11-24 16:57:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-11-24 16:57:27 ----A---- C:\Windows\system32\msxml3.dll
2012-11-24 16:57:26 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-11-24 16:57:26 ----A---- C:\Windows\system32\msxml3r.dll
2012-11-24 16:57:20 ----A---- C:\Windows\system32\d3d10level9.dll
2012-11-24 16:57:19 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-11-24 16:57:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-11-24 16:57:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-11-24 16:57:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-11-24 16:57:09 ----A---- C:\Windows\system32\winsrv.dll
2012-11-24 16:57:09 ----A---- C:\Windows\system32\KernelBase.dll
2012-11-24 16:57:09 ----A---- C:\Windows\system32\kernel32.dll
2012-11-24 16:57:09 ----A---- C:\Windows\system32\conhost.exe
2012-11-24 16:57:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-11-24 16:57:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-11-24 16:57:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-11-24 16:57:08 ----A---- C:\Windows\system32\wow64.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-24 16:57:07 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-24 16:57:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-11-24 16:57:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-11-24 16:57:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-11-24 16:57:07 ----A---- C:\Windows\system32\wow64win.dll
2012-11-24 16:57:07 ----A---- C:\Windows\system32\wow64cpu.dll
2012-11-24 16:57:07 ----A---- C:\Windows\system32\ntvdm64.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-24 16:57:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-24 16:57:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-24 16:57:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-11-24 16:57:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-24 16:57:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-11-24 16:57:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-11-24 16:57:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-11-24 16:57:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-24 16:57:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-24 16:57:04 ----A---- C:\Windows\SYSWOW64\user.exe
2012-11-24 16:57:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-11-24 16:57:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-11-24 16:57:00 ----A---- C:\Windows\system32\schannel.dll
2012-11-24 16:57:00 ----A---- C:\Windows\system32\ncrypt.dll
2012-11-24 16:57:00 ----A---- C:\Windows\system32\lsasrv.dll
2012-11-24 16:57:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-11-24 16:57:00 ----A---- C:\Windows\system32\drivers\cng.sys
2012-11-24 16:56:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-11-24 16:56:59 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-11-24 16:56:57 ----A---- C:\Windows\system32\shell32.dll
2012-11-24 16:56:55 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-11-24 16:56:52 ----A---- C:\Windows\system32\win32k.sys
2012-11-24 16:56:51 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-24 16:56:51 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-24 16:56:51 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-24 16:56:51 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-24 16:56:49 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-11-24 16:56:49 ----A---- C:\Windows\system32\qdvd.dll
2012-11-24 16:56:48 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-11-24 16:56:47 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-11-24 16:56:47 ----A---- C:\Windows\system32\rdpwsx.dll
2012-11-24 16:56:47 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-11-24 16:56:46 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-11-24 16:56:46 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-11-24 16:56:45 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-11-24 16:56:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-11-24 16:56:21 ----A---- C:\Windows\system32\tzres.dll
2012-11-24 16:54:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-11-24 16:54:42 ----A---- C:\Windows\system32\crypt32.dll
2012-11-24 16:54:41 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-11-24 16:54:41 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-11-24 16:54:41 ----A---- C:\Windows\system32\cryptsvc.dll
2012-11-24 16:54:41 ----A---- C:\Windows\system32\cryptnet.dll
2012-11-24 16:54:06 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-24 16:54:06 ----A---- C:\Windows\system32\ncsi.dll
2012-11-24 16:54:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-24 16:54:06 ----A---- C:\Windows\system32\drivers\netio.sys
2012-11-24 16:54:05 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-24 16:54:05 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-24 16:54:05 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-24 16:54:05 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-24 16:54:05 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-24 16:54:05 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-24 16:54:05 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-24 16:54:05 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-11-24 16:54:04 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-24 16:54:04 ----A---- C:\Windows\system32\netevent.dll
2012-11-24 16:54:00 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-11-24 16:53:59 ----A---- C:\Windows\system32\cdosys.dll
2012-11-24 16:53:57 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-24 16:53:57 ----A---- C:\Windows\system32\synceng.dll
2012-11-24 16:53:49 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-11-24 16:53:49 ----A---- C:\Windows\system32\kerberos.dll
2012-11-24 16:53:43 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-11-24 16:53:43 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-11-24 16:53:43 ----A---- C:\Windows\system32\netapi32.dll
2012-11-24 16:53:43 ----A---- C:\Windows\system32\browser.dll
2012-11-24 16:53:43 ----A---- C:\Windows\system32\browcli.dll
2012-11-24 16:53:36 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-11-24 16:53:34 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-11-24 16:53:34 ----A---- C:\Windows\system32\srcore.dll
2012-11-24 16:53:33 ----A---- C:\Windows\system32\profsvc.dll
2012-11-24 16:53:32 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-11-24 16:53:32 ----A---- C:\Windows\system32\wintrust.dll
2012-11-24 16:53:31 ----A---- C:\Windows\system32\msi.dll
2012-11-24 16:53:30 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-11-24 16:53:28 ----A---- C:\Windows\system32\win32spl.dll
2012-11-24 16:53:27 ----A---- C:\Windows\system32\spoolsv.exe
2012-11-24 16:53:26 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-11-24 16:53:25 ----A---- C:\Windows\splwow64.exe
2012-11-24 16:53:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-11-24 16:53:20 ----A---- C:\Windows\system32\localspl.dll
2012-11-23 20:12:58 ----D---- C:\rsit
2012-11-20 20:44:46 ----D---- C:\Users\Jakub\AppData\Roaming\Theta

======List of files/folders modified in the last 1 month======

2029-11-23 16:56:41 ----D---- C:\ProgramData\AVAST Software
2012-12-07 06:06:38 ----D---- C:\Windows\Prefetch
2012-12-07 06:06:36 ----D---- C:\Program Files\trend micro
2012-12-07 06:01:29 ----D---- C:\Windows\system32\config
2012-12-06 15:51:25 ----SHD---- C:\System Volume Information
2012-12-06 15:06:44 ----D---- C:\Windows\System32
2012-12-06 15:06:44 ----D---- C:\Windows\inf
2012-12-06 15:06:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-06 07:28:17 ----D---- C:\ProgramData\PMB Files
2012-12-05 12:05:53 ----D---- C:\Users\Jakub\AppData\Roaming\uTorrent
2012-12-01 11:35:57 ----D---- C:\Windows\rescache
2012-11-29 15:15:43 ----SHD---- C:\Windows\Installer
2012-11-29 15:09:25 ----D---- C:\Windows
2012-11-29 15:07:04 ----D---- C:\Program Files (x86)\Adobe
2012-11-27 19:38:00 ----D---- C:\Users\Jakub\AppData\Roaming\Audacity
2012-11-27 16:03:50 ----D---- C:\Windows\system32\LogFiles
2012-11-25 21:19:04 ----D---- C:\Windows\system32\catroot2
2012-11-25 20:56:22 ----D---- C:\Windows\system32\catroot
2012-11-25 20:53:48 ----D---- C:\Windows\system32\drivers
2012-11-25 19:22:57 ----D---- C:\ProgramData
2012-11-25 19:22:56 ----D---- C:\ProgramData\AMD
2012-11-25 19:22:55 ----RD---- C:\Program Files (x86)
2012-11-25 19:22:55 ----D---- C:\Windows\SysWOW64
2012-11-25 19:22:38 ----D---- C:\Program Files\ATI Technologies
2012-11-25 19:20:40 ----D---- C:\Windows\system32\DriverStore
2012-11-25 18:05:01 ----D---- C:\Program Files (x86)\Common Files
2012-11-25 18:04:58 ----D---- C:\Program Files\Common Files
2012-11-25 18:02:03 ----D---- C:\Users\Jakub\AppData\Roaming\OpenCandy
2012-11-25 13:36:43 ----D---- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2012-11-25 13:25:13 ----A---- C:\Windows\system.ini
2012-11-25 13:25:06 ----D---- C:\Windows\system32\drivers\etc
2012-11-25 13:21:57 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-25 13:21:57 ----D---- C:\Windows\AppPatch
2012-11-25 12:16:34 ----D---- C:\Windows\system32\wdi
2012-11-25 11:04:18 ----D---- C:\Windows\Microsoft.NET
2012-11-25 11:03:50 ----RSD---- C:\Windows\assembly
2012-11-24 17:14:25 ----D---- C:\Windows\winsxs
2012-11-24 17:13:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-11-24 17:12:05 ----D---- C:\Windows\SYSWOW64\wbem
2012-11-24 17:12:05 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-24 17:12:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-24 17:12:05 ----D---- C:\Windows\system32\wbem
2012-11-24 17:12:05 ----D---- C:\Windows\system32\en-US
2012-11-24 17:12:05 ----D---- C:\Windows\system32\drivers\en-US
2012-11-24 17:12:05 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-24 17:12:05 ----D---- C:\Windows\system32\cs-CZ
2012-11-24 17:12:05 ----D---- C:\Windows\PolicyDefinitions
2012-11-24 17:12:03 ----D---- C:\Windows\SYSWOW64\migration
2012-11-24 17:12:03 ----D---- C:\Windows\system32\migration
2012-11-24 17:12:03 ----D---- C:\Program Files\Internet Explorer
2012-11-24 17:12:03 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-24 17:12:02 ----RSD---- C:\Windows\Fonts
2012-11-24 17:00:03 ----D---- C:\Windows\debug
2012-11-24 10:41:42 ----SD---- C:\Users\Jakub\AppData\Roaming\Microsoft
2012-11-24 10:41:42 ----SD---- C:\ProgramData\Microsoft
2012-11-23 20:10:38 ----D---- C:\Windows\Logs
2012-11-23 18:50:36 ----D---- C:\Windows\system32\Tasks
2012-11-20 18:55:34 ----D---- C:\Windows\SYSWOW64\directx
2012-11-16 10:56:44 ----D---- C:\ProgramData\Adobe
2012-11-16 10:56:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-11-11 12:57:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-21 279616]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena\Garena Classic\safedrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 238080]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-06-22 76888]
R2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-09-03 188760]
R2 WebOptimizer;WebOptimizer; C:\Windows\system32\dmwu.exe [2012-09-13 1259888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-01-30 103992]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-01-30 123960]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-01-30 51272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-01-30 141376]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-01-30 141376]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-01-30 141376]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 07 pro 2012 18:42

Nic nebezpečného nevidím. Zkuste provést kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Rolandman · #5 Příspěvek od **Rolandman** » 11 pro 2012 13:30

TAk tady to je,zadny malware nebyl zjisten

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.12.11.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jakub :: JAKUB-PC [administrátor]

11.12.2012 12:53:28
mbam-log-2012-12-11 (12-53-28).txt

Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 365739
Uplynulý čas: 36 minut, 22 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#6 Příspěvek od **Rudy** » 11 pro 2012 17:46

Ano. Viry problém nezpůsobily. Váš problém bude nejspíše hardwarový. Zkuste otestovat PC pomocí Everestu: http://www.stahuj.centrum.cz/utility_a_ ... y/everest/ . Cítíte, že se PC zpomalil, příp. ztratil výkon?

Rolandman · #7 Příspěvek od **Rolandman** » 11 pro 2012 18:32

S Everestem jsem jeste nepracoval,chcete sem log? jedine s cim si vsimam ze je problem je vetracek u procesoru,huci a pritom procesor neni nijak zatizen,ikdyz nic nedelem presto huci.

#8 Příspěvek od **Rudy** » 11 pro 2012 19:49

Rolandman píše:S Everestem jsem jeste nepracoval,chcete sem log? jedine s cim si vsimam ze je problem je vetracek u procesoru,huci a pritom procesor neni nijak zatizen,ikdyz nic nedelem presto huci.

Koukněte do Everestu, měl byste v něm najít teploty komponent. Neměly by být trvale vyší než 65°C (u NB 70°C).

Rolandman · #9 Příspěvek od **Rolandman** » 12 pro 2012 17:48

To je v pořádku,nejvýšší teplota je 44 stupnu u druheho jadra procesoru..

#10 Příspěvek od **Rudy** » 12 pro 2012 18:35

To je OK. Zkuste obnovu systému k datu, kdy korektně fungoval.

Rolandman · #11 Příspěvek od **Rolandman** » 12 pro 2012 19:45

To už mě taky napadlo ale bohužel nemám žádný bod obnovy k datu kdy bylo vše ok

#12 Příspěvek od **Rudy** » 12 pro 2012 20:02

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim

s rezidentem antispyware

Rolandman · #13 Příspěvek od **Rolandman** » 12 pro 2012 20:30

Tady to je

ComboFix 12-12-10.01 - Jakub 12.12.2012 20:23:54.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4095.2777 [GMT 1:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-12 do 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2029-11-23 15:57 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2029-11-23 15:57 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2029-11-23 15:57 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2029-11-23 15:57 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2029-11-23 15:57 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2029-11-23 15:57 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2029-11-23 15:57 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-12 19:27 . 2012-12-12 19:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-11 11:53 . 2012-12-11 11:53 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2012-12-11 11:52 . 2012-12-11 11:52 -------- d-----w- c:\programdata\Malwarebytes
2012-11-25 18:22 . 2012-11-25 18:22 -------- d-----w- c:\programdata\ATI
2012-11-25 18:22 . 2012-11-25 18:22 -------- d-----w- c:\program files (x86)\AMD AVT
2012-11-25 18:22 . 2012-11-25 18:22 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-11-24 16:08 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-24 16:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-24 16:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-24 16:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-24 16:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-24 16:01 . 2012-10-08 12:29 174216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-11-24 15:59 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-24 15:59 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-24 15:59 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-24 15:59 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-24 15:59 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-24 15:59 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-24 15:59 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-24 15:56 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-24 15:54 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-11-24 15:53 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-11-23 19:12 . 2012-11-23 19:13 -------- d-----w- C:\rsit
2012-11-20 19:44 . 2012-11-20 19:44 -------- d-----w- c:\users\Jakub\AppData\Roaming\Theta
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 09:56 . 2012-07-18 15:01 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-16 09:56 . 2011-11-21 10:06 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 22:51 . 2011-11-21 07:42 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-11-21 07:42 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-29 20:04 . 2011-11-21 06:43 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2010-01-26 09:11 . 2012-10-21 08:21 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2012-09-03 07:13 167256 ----a-w- c:\program files\Web Assistant\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast"="d:\programy\avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-01-30 123960]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 GGSAFERDriver;GGSAFER Driver;d:\programy\Garena\Garena Classic\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-21 279616]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- d:\programy\avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page =
IE: E&xportovat do aplikace Microsoft Office Excel - d:\programy\office\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\tdjrh47j.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2029-11-23 16:56; wrc@avast.com; d:\programy\avast\WebRep\FF
.
.
Celkový čas: 2012-12-12 20:29:03
ComboFix-quarantined-files.txt 2012-12-12 19:29
.
Před spuštěním: 8 844 926 976
Po spuštění: 8 859 557 888
.
- - End Of File - - FF8F0E4134FEB35A7096838E1A3BB95A

#14 Příspěvek od **Rudy** » 12 pro 2012 21:47

Toto je zcela OK. Virový problém to asi nebude. Udělejte kontrolu disku CrystalDiskInfo:http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.

Rolandman · #15 Příspěvek od **Rolandman** » 13 pro 2012 14:41

----------------------------------------------------------------------------
CrystalDiskInfo 5.1.1 Shizuku Edition (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/12/13 14:41:47

-- Controller Map ----------------------------------------------------------
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- ST3500418AS ATA Device
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVD-RAM GH22LP20 ATA Device
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) ST3500418AS : 500,1 GB [0/2/0, pd1] - st

----------------------------------------------------------------------------
(1) ST3500418AS
----------------------------------------------------------------------------
Model : ST3500418AS
Firmware : CC37
Serial Number : 5VM2XJQD
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 7382 hod.
Power On Count : 2017 krát
Temparature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 0000091B4840 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000FCC Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _82 _60 _30 00000A8F38EF Počet chybných hledání
09 _92 _92 __0 000000001CD6 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000007E1 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB _98 _98 __0 000000000002 Ohlášeno neopravitelných chyb
BC 100 _98 __0 0000000003D6 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _76 _63 _45 000018140018 Teplota toku vzduchu
C2 _24 _40 __0 000D00000018 Teplota
C3 _44 _29 __0 0000091B4840 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 AEF700003247 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000BA04B2CA Total LBAs Written
F2 100 253 __0 0000936D2A7E Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3556 4D32 584A 5144
020: 0000 8000 0004 4343 3337 2020 2020 5354 3335 3030
030: 3431 3841 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0040
080: 01F0 0029 346B 7F01 4163 3469 BE01 4163 207F 0029
090: 0029 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 1930 9BC1 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 004F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3F00 9800
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B6A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 75 63 40 48 1B 09 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 61 61 CC
020: 0F 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 52 3C EF 38 8F 0A 00 00 00 09 32
040: 00 5C 5C D6 1C 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 63 63 E1 07 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 62 62 02
080: 00 00 00 00 00 00 BC 32 00 64 62 D6 03 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 4C 3F 18 00 14 18 00 00 00 C2 22 00 18 28 18
0B0: 00 00 00 0D 00 00 C3 1A 00 2C 1D 40 48 1B 09 00
0C0: 00 00 C5 12 00 64 64 00 00 00 00 00 00 00 C6 10
0D0: 00 64 64 00 00 00 00 00 00 00 C7 3E 00 C8 C8 00
0E0: 00 00 00 00 00 00 F0 00 00 64 FD 47 32 00 00 F7
0F0: AE 18 F1 00 00 64 FD CA B2 04 BA 00 00 00 F2 00
100: 00 64 FD 7E 2A 6D 93 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 58 02 00 7B
170: 03 00 01 00 01 58 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 01 03 03 03 03 03 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 96 EA D2 CB 30 18 00 00
1B0: 00 00 00 00 01 00 8F 00 CA B2 04 BA 55 00 00 00
1C0: 7E 2A 6D 93 F4 06 00 00 00 00 00 00 EA 28 45 01
1D0: 00 00 00 01 00 00 00 00 F6 11 00 00 4F 00 06 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E7

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 C2 00 00 00 00 00
0B0: 00 00 00 00 00 00 C3 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 F0 00 00 00 00 00 00 00 00 00
0F0: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60

VIRY.CZ

Snizeni vykonu

Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu

Re: Snizeni vykonu