prosím o kontrolu

[Márty84]

MBAM opet odinstalujte.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[jarka112]

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 8 (6.2.9200 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Romana [Práva Správcu]
Režim : Kontrola -- Dátum : 02/17/2013 12:23:53
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MQ01ABD050 +++++
--- User ---
[MBR] a84dd93b5b19931ceaddbccc47850486
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1]_S_02172013_02d1223.txt >>
RKreport[1]_S_02172013_02d1223.txt

[Márty84]

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[jarka112]

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 8 (6.2.9200 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Romana [Práva Správcu]
Režim : Odebrať -- Dátum : 02/17/2013 12:36:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MQ01ABD050 +++++
--- User ---
[MBR] a84dd93b5b19931ceaddbccc47850486
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[4]_D_02172013_02d1236.txt >>
RKreport[1]_S_02172013_02d1223.txt ; RKreport[2]_D_02172013_02d1231.txt ; RKreport[3]_S_02172013_02d1234.txt ; RKreport[4]_D_02172013_02d1236.txt

[jarka112]

RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 8 (6.2.9200 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Romana [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 02/17/2013 12:37:50
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončené : << RKreport[5]_H_02172013_02d1237.txt >>
RKreport[1]_S_02172013_02d1223.txt ; RKreport[2]_D_02172013_02d1231.txt ; RKreport[3]_S_02172013_02d1234.txt ; RKreport[4]_D_02172013_02d1236.txt ; RKreport[5]_H_02172013_02d1237.txt

[Márty84]

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe , ulozte ho na plochu a spustte jako spravce.
Kliknete na Report
Za chvili vyskoci log s nazvem MBRScan.txt, ten mi sem zkopirujte.

[jarka112]

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/02/17 (ISO 8601) at 12:41:13
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __TOSHIBA MQ01ABD050 (AX003M)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : dword aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : A84DD93B5B19931CEADDBCCC47850486
MBR_SHA1  : B0944268147995B9E49E326C04D7E26FE43632AA

Device\Harddisk0\Partition1	2.00 To  	0xEE EFI GPT[1] 
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\windows\system32\ntoskrnl.exe => Invisible on the disk
ADDRESS : 0xFCA00000
SIZE    : 7.28 Mo

DRIVER  : C:\windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0xFD148000
SIZE    : 432.0 Ko

DRIVER  : C:\windows\system32\kd.dll => Invisible on the disk
ADDRESS : 0xFBE1C000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C8E000
SIZE    : 380.0 Ko

DRIVER  : C:\windows\System32\drivers\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CED000
SIZE    : 368.0 Ko

DRIVER  : C:\windows\System32\drivers\tm.sys => Invisible on the disk
ADDRESS : 0x00D49000
SIZE    : 140.0 Ko

DRIVER  : C:\windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 508.0 Ko

DRIVER  : C:\windows\System32\drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x00D8B000
SIZE    : 396.0 Ko

DRIVER  : C:\windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x01001000
SIZE    : 776.0 Ko

DRIVER  : C:\windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x010C3000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\System32\Drivers\acpiex.sys => Invisible on the disk
ADDRESS : 0x010D3000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\System32\Drivers\WppRecorder.sys => Invisible on the disk
ADDRESS : 0x010EA000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x010F5000
SIZE    : 436.0 Ko

DRIVER  : C:\windows\System32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x01162000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0116C000
SIZE    : 560.0 Ko

DRIVER  : C:\windows\System32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00DEE000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x012C5000
SIZE    : 244.0 Ko

DRIVER  : C:\windows\System32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x01302000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\drivers\pdc.sys => Invisible on the disk
ADDRESS : 0x0130F000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x01326000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\System32\drivers\spaceport.sys => Invisible on the disk
ADDRESS : 0x01340000
SIZE    : 292.0 Ko

DRIVER  : C:\windows\System32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x01389000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 384.0 Ko

DRIVER  : C:\windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x01260000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\System32\drivers\iaStorA.sys => Invisible on the disk
ADDRESS : 0x0147C000
SIZE    : 2.79 Mo

DRIVER  : C:\windows\System32\drivers\storport.sys => Invisible on the disk
ADDRESS : 0x01746000
SIZE    : 340.0 Ko

DRIVER  : C:\windows\System32\drivers\EhStorClass.sys => Invisible on the disk
ADDRESS : 0x0179B000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 384.0 Ko

DRIVER  : C:\windows\System32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x01460000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x018CC000
SIZE    : 1.89 Mo

DRIVER  : C:\windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01AAF000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01ACA000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01ADB000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01AE5000
SIZE    : 1004.0 Ko

DRIVER  : C:\windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 444.0 Ko

DRIVER  : C:\windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x0186F000
SIZE    : 188.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01CB2000
SIZE    : 2.21 Mo

DRIVER  : C:\windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01EE9000
SIZE    : 416.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wfplwfs.sys => Invisible on the disk
ADDRESS : 0x01F51000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01F6C000
SIZE    : 472.0 Ko

DRIVER  : C:\windows\System32\drivers\wd.sys => Invisible on the disk
ADDRESS : 0x01FE2000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01C00000
SIZE    : 340.0 Ko

DRIVER  : C:\windows\System32\drivers\tos_sps64.sys => Invisible on the disk
ADDRESS : 0x020C6000
SIZE    : 504.0 Ko

DRIVER  : C:\windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x0214E000
SIZE    : 236.0 Ko

DRIVER  : C:\windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x02189000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\System32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x021AC000
SIZE    : 112.0 Ko

DRIVER  : C:\windows\System32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x02000000
SIZE    : 344.0 Ko

DRIVER  : C:\windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x02056000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0x03998000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswSnx.SYS => Invisible on the disk
ADDRESS : 0x03A11000
SIZE    : 976.0 Ko

DRIVER  : C:\windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x03B05000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x03B0E000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\drivers\BasicRender.sys => Invisible on the disk
ADDRESS : 0x03B16000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x03205000
SIZE    : 1.40 Mo

DRIVER  : C:\windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x0336C000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x0337D000
SIZE    : 312.0 Ko

DRIVER  : C:\windows\System32\drivers\BasicDisplay.sys => Invisible on the disk
ADDRESS : 0x033CB000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x033DC000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x033EE000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x03B23000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x03B45000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03B53000
SIZE    : 352.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswrdr2.sys => Invisible on the disk
ADDRESS : 0x03BAB000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03600000
SIZE    : 584.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03BBB000
SIZE    : 168.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x03BE5000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x03A00000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x03CBC000
SIZE    : 456.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03D2E000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03D48000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\drivers\npsvctrig.sys => Invisible on the disk
ADDRESS : 0x03D56000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03D62000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x03D6E000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x03D7F000
SIZE    : 132.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x03C00000
SIZE    : 388.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswnet.sys => Invisible on the disk
ADDRESS : 0x03E3C000
SIZE    : 468.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x03EB1000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x03EBD000
SIZE    : 188.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x03EEC000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x03F0A000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x03F22000
SIZE    : 176.0 Ko

DRIVER  : C:\windows\System32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x03F4E000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\kdnic.sys => Invisible on the disk
ADDRESS : 0x03F5D000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\Drivers\pcouffin.sys => Invisible on the disk
ADDRESS : 0x03F68000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\System32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x03F7D000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0x04ACA000
SIZE    : 8.57 Mo

DRIVER  : C:\windows\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0x0535D000
SIZE    : 348.0 Ko

DRIVER  : C:\windows\System32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0x053B4000
SIZE    : 224.0 Ko

DRIVER  : C:\windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x04A00000
SIZE    : 220.0 Ko

DRIVER  : C:\windows\System32\drivers\HECIx64.sys => Invisible on the disk
ADDRESS : 0x04A37000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x04A4A000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x046FB000
SIZE    : 492.0 Ko

DRIVER  : C:\windows\System32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x04776000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rtwlane.sys => Invisible on the disk
ADDRESS : 0x04849000
SIZE    : 1.52 Mo

DRIVER  : C:\windows\System32\drivers\vwifibus.sys => Invisible on the disk
ADDRESS : 0x049CD000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Rt630x64.sys => Invisible on the disk
ADDRESS : 0x04600000
SIZE    : 684.0 Ko

DRIVER  : C:\windows\System32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x049DA000
SIZE    : 128.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0x0478C000
SIZE    : 460.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x04800000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x0480B000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\System32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x0481A000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tdcmdpst.sys => Invisible on the disk
ADDRESS : 0x04829000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Smb_driver_Intel.sys => Invisible on the disk
ADDRESS : 0x04835000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\System32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x046AB000
SIZE    : 28.0 Ko

DRIVER  : C:\windows\System32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x046B2000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x046BE000
SIZE    : 112.0 Ko

DRIVER  : C:\windows\System32\drivers\TVALZ_O.SYS => Invisible on the disk
ADDRESS : 0x046DA000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\TVALZFL.sys => Invisible on the disk
ADDRESS : 0x046E6000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x046EE000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\drivers\tosrfec.sys => Invisible on the disk
ADDRESS : 0x04A60000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x04A68000
SIZE    : 132.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04A89000
SIZE    : 148.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x04AAE000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x04844000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\System32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x03F8F000
SIZE    : 316.0 Ko

DRIVER  : C:\windows\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x053EC000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x03FDE000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x04295000
SIZE    : 504.0 Ko

DRIVER  : C:\windows\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0x04313000
SIZE    : 460.0 Ko

DRIVER  : C:\windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x060AE000
SIZE    : 3.90 Mo

DRIVER  : C:\windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x06494000
SIZE    : 300.0 Ko

DRIVER  : C:\windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x064DF000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x06501000
SIZE    : 24.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk
ADDRESS : 0x06507000
SIZE    : 352.0 Ko

DRIVER  : C:\windows\System32\drivers\Thotkey.sys => Invisible on the disk
ADDRESS : 0x0655F000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\drivers\mshidkmdf.sys => Invisible on the disk
ADDRESS : 0x0656C000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x06575000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x06590000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\Drivers\RtsUStor.sys => Invisible on the disk
ADDRESS : 0x06598000
SIZE    : 260.0 Ko

DRIVER  : C:\windows\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0x065D9000
SIZE    : 140.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\RtkBtfilter.sys => Invisible on the disk
ADDRESS : 0x06000000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\Drivers\BTHUSB.sys => Invisible on the disk
ADDRESS : 0x0600C000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\System32\Drivers\bthport.sys => Invisible on the disk
ADDRESS : 0x03692000
SIZE    : 1.14 Mo

DRIVER  : C:\windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x0013D000
SIZE    : 3.95 Mo

DRIVER  : C:\windows\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x06023000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x06030000
SIZE    : 208.0 Ko

DRIVER  : C:\windows\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0x06064000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x06070000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\BthLEEnum.sys => Invisible on the disk
ADDRESS : 0x04386000
SIZE    : 220.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rfcomm.sys => Invisible on the disk
ADDRESS : 0x0607E000
SIZE    : 172.0 Ko

DRIVER  : C:\windows\System32\drivers\BthEnum.sys => Invisible on the disk
ADDRESS : 0x043BD000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\bthpan.sys => Invisible on the disk
ADDRESS : 0x043CF000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\System32\drivers\bthmodem.sys => Invisible on the disk
ADDRESS : 0x04200000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\system32\drivers\modem.sys => Invisible on the disk
ADDRESS : 0x04215000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\drivers\BthA2DP.sys => Invisible on the disk
ADDRESS : 0x04224000
SIZE    : 116.0 Ko

DRIVER  : C:\windows\system32\drivers\btampm.sys => Invisible on the disk
ADDRESS : 0x04241000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\System32\drivers\BthAvrcpTg.sys => Invisible on the disk
ADDRESS : 0x0424D000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x04255000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_iaStorA.sys => Invisible on the disk
ADDRESS : 0x17643000
SIZE    : 2.79 Mo

DRIVER  : C:\windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x1790D000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x0073A000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x008CE000
SIZE    : 216.0 Ko

DRIVER  : C:\windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x17921000
SIZE    : 160.0 Ko

DRIVER  : C:\windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x17949000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x1796B000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x17974000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x17988000
SIZE    : 440.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x17600000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x17614000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0x1762C000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x17639000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x037B7000
SIZE    : 880.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x04262000
SIZE    : 128.0 Ko

DRIVER  : C:\windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x03893000
SIZE    : 392.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x03C61000
SIZE    : 300.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x03DA0000
SIZE    : 232.0 Ko

DRIVER  : C:\windows\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0x03E17000
SIZE    : 112.0 Ko

DRIVER  : C:\windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x1802C000
SIZE    : 812.0 Ko

DRIVER  : C:\windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x180F7000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x18102000
SIZE    : 272.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x18146000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x038F5000
SIZE    : 636.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x1816A000
SIZE    : 564.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000010   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000020   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000030   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000040   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000C0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000110   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000120   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000130   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000140   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001C0   02 00 EE FF FF FF 01 00 00 00 FF FF FF FF 00 00   ..î.............
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

[Márty84]

Jeste jeden si dame


Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe , ulozte na plochu a spustte.
Kliknete na Scan
Pak kliknete na Save log a ulozte ho treba na plochu
Obsah logu mi sem zkopirujte

[jarka112]

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-17 12:46:22
-----------------------------
12:46:22.937 OS Version: Windows x64 6.2.9200
12:46:22.937 Number of processors: 2 586 0x2A07
12:46:22.937 ComputerName: ROMANA UserName: Romana
12:46:23.187 Initialze error 1
12:46:24.062 AVAST engine defs: 13021400
12:46:27.421 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
12:46:27.437 Disk 0 Vendor: TOSHIBA_MQ01ABD050 AX003M Size: 476940MB BusType: 11
12:46:27.453 Disk 0 MBR read successfully
12:46:27.453 Disk 0 MBR scan
12:46:27.468 Disk 0 unknown MBR code
12:46:27.468 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
12:46:27.468 Disk 0 scanning C:\windows\system32\drivers
12:46:27.468 Service scanning
12:46:28.203 Modules scanning
12:46:28.203 Disk 0 trace - called modules:
12:46:28.218 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
12:46:28.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8015e66540]
12:46:28.250 3 CLASSPNP.SYS[fffff880020028aa] -> nt!IofCallDriver -> \Device\00000038[0xfffffa8014f07720]
12:46:28.781 AVAST engine scan C:\windows
12:46:28.781 AVAST engine scan C:\windows\system32
12:46:28.796 AVAST engine scan C:\windows\system32\drivers
12:46:28.812 AVAST engine scan C:\Users\Romana
12:46:28.828 AVAST engine scan C:\ProgramData
12:46:28.843 Scan finished successfully
12:46:55.907 Disk 0 MBR has been saved successfully to "C:\Users\Romana\Documents\MBR.dat"
12:46:55.923 The log file has been saved successfully to "C:\Users\Romana\Documents\aswMBR.txt"

[Márty84]

Najdete tento soubor C:\Users\Romana\Documents\MBR.dat a otestujte ho na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.

[jarka112]

http://www.virustotal.com/en/file/a8cc7 ... 361102287/

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[jarka112]

po spusteni combofix sa nic nedeje.Nieco tam vypise,potvrdim OK a program sa zavrie

[Márty84]

Co vypise?

CF jeste asi neni urcen na W8

Tak dejte novy log z RSIT

[jarka112]

Ano CF nie je ešte pre W8.Prikladám:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Romana at 2013-02-17 16:26:12
Microsoft Windows 8
System drive C: has 427 GB (92%) free of 466 GB
Total RAM: 3980 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:18, on 17.2.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16482)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Free Ride Games\GPlayer.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Program Files\trend micro\Romana.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
O4 - HKLM\..\Run: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9755 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 556735514048
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {3207f769-472e-4f57-b3d05a08d3d44586}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
taskhostex.exe
C:\windows\Explorer.EXE
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
"C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
C:\windows\System32\svchost.exe -k swprv
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5788.cd7aa00.223794049 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 5788 "\\.\pipe\gecko-crash-server-pipe.5788" plugin
"C:\windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe" --proxy-stub-channel=Flash6044.6CA4FFD0.41 --host-broker-channel=Flash6044.6CA4FFD0.18467 --host-pid=6044 --host-npapi-version=27 --plugin-path="C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_11_5_502_149.dll"
"C:\windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe" --channel=6076.007AF624.1720831954 --proxy-stub-channel=Flash6044.6CA4FFD0.41 --plugin-path="C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_11_5_502_149.dll" --host-npapi-version=27 --type=renderer
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Romana\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-08 440640]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-13 12936848]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2012-08-14 2608040]
"TODDMain"=C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [2012-08-04 213136]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2012-08-14 169896]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2012-07-11 356776]
"SRS Premium Sound HD"=C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2012-07-27 2170784]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"=C:\Program Files (x86)\Free Ride Games\GPlayer.exe [2012-12-04 4936152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaDynamicIconUtility"=C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [2012-08-09 1498624]
"TPUReg(x86)"=C:\Program Files\TOSHIBA\Password Utility\TosPU.exe /Retimes []
"TPUReg"=C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [2012-08-23 6884352]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-06 439296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]