
Please check my log

JiriHrabcuk
Visitor
Posts: 33
Registered: 11 May 2006 19:44

#1 Post by JiriHrabcuk »

The CPU constantly runs at 30% when idle, and the PC does not shut down on the first try.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:39, on 24. 9. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\windows\inf\msnnqdos\msnnqdos.exe
C:\windows\inf\msbkppwt\msbkppwt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HellShare Upload Manager\jre6\bin\javaw.exe
C:\Users\Jiri\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.downha.com/vb/members/downha1398/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [msloeghSrv] C:\windows\inf\msloegh.vbe
O4 - HKLM\..\Run: [msdksfbSrv] C:\windows\inf\msdksfb.vbe
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11656 bytes

Rudy
Site Admin
Posts: 119530
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Please post an RSIT log: http://forum.viry.cz/viewtopic.php?f=24&t=130784 . It is more detailed than HijackThis.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

JiriHrabcuk
Visitor
Posts: 33
Registered: 11 May 2006 19:44

Re: Please check my log

#3 Post by JiriHrabcuk »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jiri at 2013-09-24 21:54:58
Microsoft Windows 8
System drive C: has 418 GB (44%) free of 948 GB
Total RAM: 8132 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:02, on 24. 9. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\windows\inf\msnnqdos\msnnqdos.exe
C:\windows\inf\msbkppwt\msbkppwt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HellShare Upload Manager\jre6\bin\javaw.exe
C:\Program Files\trend micro\Jiri.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.downha.com/vb/members/downha1398/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [msloeghSrv] C:\windows\inf\msloegh.vbe
O4 - HKLM\..\Run: [msdksfbSrv] C:\windows\inf\msdksfb.vbe
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11657 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe"
dashost.exe {24cde463-e29b-44fb-86baa31e476a8b23}
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
C:\windows\inf\msnnqdos\msnnqdos.exe -o stratum+tcp://mint.bitminter.com:3333 -u kansasan_kansasboy -p desertpete
C:\windows\inf\msbkppwt\msbkppwt.exe -o stratum+tcp://mint.bitminter.com:3333 -u kansasan_kansasboy -p desertpete
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\system32\NOTEPAD.EXE" C:\Users\Jiri\Documents\Jack Hunter.txt
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\HellShare Upload Manager\jre6\bin\javaw.exe" -jar "C:\Program Files (x86)\HellShare Upload Manager\UploadManager.exe" -noUpdate
taskeng.exe {6B18348E-74E9-4303-974D-4DF957013881}
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe20_ Global\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Jiri\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AmiUpdXp.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForJiri.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-06-13 205472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2013-03-09 877760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2013-07-13 2328776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2013-03-09 704704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPlugin_Protection.dll [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-07-13 1724616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-09-19 37888]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-09-19 1425408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-04-18 491840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-02 491120]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"PowerDVD12DMREngine"=C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2013-01-22 505096]
"PowerDVD12Agent"=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2013-01-22 373784]
"msloeghSrv"=C:\windows\inf\msloegh.vbe [2013-08-27 1558]
"msdksfbSrv"=C:\windows\inf\msdksfb.vbe [2013-08-27 1558]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

JiriHrabcuk
Visitor
Posts: 33
Registered: 11 May 2006 19:44

Re: Please check my log

#4 Post by JiriHrabcuk »

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-24 21:55:00 ----D---- C:\Program Files\trend micro
2013-09-24 21:54:58 ----D---- C:\rsit
2013-09-24 14:44:22 ----HD---- C:\$SysReset
2013-09-24 12:09:18 ----A---- C:\windows\SYSWOW64\AVERM.dll
2013-09-24 12:09:18 ----A---- C:\windows\SYSWOW64\AVEQT.dll
2013-09-24 12:09:17 ----D---- C:\Program Files (x86)\Allok MP3 to AMR Converter
2013-09-19 19:53:28 ----RSHD---- C:\Leawo_Video_Cache
2013-09-18 23:02:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-16 17:15:39 ----SH---- C:\windows\SYSWOW64\AVSredirect.dll
2013-09-16 17:15:39 ----SH---- C:\windows\SYSWOW64\avisynth.dll
2013-09-16 17:06:40 ----A---- C:\windows\SYSWOW64\drvc.dll
2013-09-16 01:09:01 ----D---- C:\Users\Jiri\AppData\Roaming\Digiarty
2013-09-16 01:08:29 ----D---- C:\Program Files (x86)\Digiarty
2013-09-16 00:07:30 ----A---- C:\windows\SYSWOW64\xvidcore.dll
2013-09-16 00:07:29 ----A---- C:\windows\SYSWOW64\xvidvfw.dll
2013-09-16 00:06:10 ----A---- C:\windows\SYSWOW64\uninstHelixYUV.exe
2013-09-15 23:57:14 ----D---- C:\ProgramData\StaxRip
2013-09-14 07:32:23 ----A---- C:\windows\system32\FNTCACHE.DAT
2013-09-12 13:30:13 ----D---- C:\Program Files (x86)\MeGUI_2356_x86
2013-09-12 13:15:01 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-09-11 19:15:24 ----D---- C:\Users\Jiri\AppData\Roaming\Mozilla
2013-09-11 19:15:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\UXInit.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-09-11 00:35:45 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\wininet.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\uxtheme.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\UXInit.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\urlmon.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\mshtml.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\msfeeds.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\jsproxy.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\jscript9.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\jscript.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\iesysprep.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\iesetup.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\iertutil.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\iernonce.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\ieframe.dll
2013-09-11 00:35:45 ----A---- C:\windows\system32\ie4uinit.exe
2013-09-11 00:34:18 ----A---- C:\windows\SYSWOW64\wups.dll
2013-09-11 00:34:18 ----A---- C:\windows\SYSWOW64\wudriver.dll
2013-09-11 00:34:18 ----A---- C:\windows\SYSWOW64\wuapi.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\WUSettingsProvider.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\wups2.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\wups.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\wudriver.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\wucltux.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\wuaueng.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\wuauclt.exe
2013-09-11 00:34:18 ----A---- C:\windows\system32\wuapi.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\WinSetupUI.dll
2013-09-11 00:34:18 ----A---- C:\windows\system32\NotificationUI.exe
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\wuapp.exe
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\WSSync.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\WSShared.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\WSClient.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\sppc.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\setupcln.dll
2013-09-11 00:34:17 ----A---- C:\windows\SYSWOW64\OEMLicense.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\wuwebv.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\wuapp.exe
2013-09-11 00:34:17 ----A---- C:\windows\system32\WSSync.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\WSShared.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\WSService.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\WSClient.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\storewuauth.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\sppwinob.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\sppsvc.exe
2013-09-11 00:34:17 ----A---- C:\windows\system32\sppobjs.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\sppc.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\setupcln.dll
2013-09-11 00:34:17 ----A---- C:\windows\system32\drivers\dam.sys
2013-09-11 00:33:23 ----A---- C:\windows\system32\tssdisai.dll
2013-09-11 00:32:57 ----A---- C:\windows\system32\win32k.sys
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\twinui.dll
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\shell32.dll
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\SettingSync.dll
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\msctf.dll
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\mbsmsapi.dll
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\authui.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\twinui.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\shell32.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\shdocvw.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\SettingSyncInfo.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\SettingSync.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\msctf.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\mbsmsapi.dll
2013-09-11 00:32:15 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-09-11 00:32:15 ----A---- C:\windows\system32\authui.dll
2013-09-10 21:10:20 ----D---- C:\Users\Jiri\AppData\Roaming\tiger-k
2013-09-10 21:10:20 ----D---- C:\Users\Jiri\AppData\Roaming\Leawo
2013-09-10 21:09:11 ----A---- C:\windows\SYSWOW64\thdudf.sys
2013-09-10 21:09:11 ----A---- C:\windows\SYSWOW64\drivers\thdudf.sys
2013-09-10 21:09:08 ----D---- C:\Program Files (x86)\Leawo
2013-09-08 22:16:02 ----D---- C:\Users\Jiri\AppData\Roaming\HellShare Upload Manager
2013-09-08 22:15:50 ----D---- C:\Program Files (x86)\HellShare Upload Manager
2013-09-06 09:21:08 ----D---- C:\Users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
2013-09-04 14:51:05 ----D---- C:\ProgramData\Logs
2013-09-03 15:18:20 ----D---- C:\Users\Jiri\AppData\Roaming\Publish Providers
2013-09-03 15:15:01 ----D---- C:\Users\Jiri\AppData\Roaming\Sony
2013-08-31 09:14:13 ----A---- C:\windows\system32\SmartDefragBootTime.exe
2013-08-30 22:47:03 ----A---- C:\windows\system32\drivers\SmartDefragDriver.sys
2013-08-28 15:27:34 ----A---- C:\windows\system32\DevIL.dll
2013-08-28 15:27:34 ----A---- C:\windows\system32\avisynth.dll
2013-08-27 19:02:11 ----D---- C:\Users\Jiri\AppData\Roaming\dcunningham.net

======List of files/folders modified in the last 1 month======

2013-09-24 21:55:00 ----RD---- C:\Program Files
2013-09-24 21:54:51 ----D---- C:\windows\Prefetch
2013-09-24 21:37:11 ----D---- C:\windows\Temp
2013-09-24 21:02:00 ----D---- C:\windows\system32\sru
2013-09-24 20:54:12 ----HD---- C:\ProgramData
2013-09-24 17:35:44 ----AD---- C:\ProgramData\Temp
2013-09-24 17:25:40 ----RD---- C:\windows\System32
2013-09-24 17:25:40 ----D---- C:\windows\Inf
2013-09-24 17:25:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-09-24 17:02:35 ----RD---- C:\Program Files (x86)
2013-09-24 16:57:51 ----A---- C:\windows\SYSWOW64\log.txt
2013-09-24 14:57:16 ----D---- C:\windows\system32\config
2013-09-24 14:49:37 ----SHD---- C:\System Volume Information
2013-09-24 14:31:07 ----D---- C:\windows\SysWOW64
2013-09-24 14:30:23 ----D---- C:\windows\system32\wdi
2013-09-24 12:11:36 ----D---- C:\Windows
2013-09-24 11:07:51 ----D---- C:\Users\Jiri\AppData\Roaming\uTorrent
2013-09-24 11:07:51 ----D---- C:\Users\Jiri\AppData\Roaming\Media Player Classic
2013-09-24 11:07:08 ----D---- C:\windows\SoftwareDistribution
2013-09-24 05:42:20 ----D---- C:\windows\system32\catroot2
2013-09-24 05:41:28 ----D---- C:\windows\debug
2013-09-24 05:21:54 ----D---- C:\windows\Microsoft.NET
2013-09-23 20:00:00 ----D---- C:\windows\Logs
2013-09-21 10:18:10 ----D---- C:\windows\Tasks
2013-09-21 10:18:10 ----D---- C:\windows\system32\Tasks
2013-09-20 21:59:06 ----HD---- C:\Program Files\WindowsApps
2013-09-20 21:59:06 ----D---- C:\windows\AUInstallAgent
2013-09-20 10:33:35 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-19 19:53:36 ----D---- C:\ProgramData\Leawo
2013-09-18 07:25:02 ----SHD---- C:\windows\Installer
2013-09-17 10:24:55 ----D---- C:\windows\WinSxS
2013-09-16 17:06:57 ----RSD---- C:\windows\Fonts
2013-09-16 00:07:30 ----D---- C:\Program Files (x86)\XviD
2013-09-16 00:05:15 ----D---- C:\Program Files (x86)\AviSynth 2.5
2013-09-13 10:00:27 ----RSD---- C:\windows\assembly
2013-09-12 16:32:09 ----D---- C:\windows\rescache
2013-09-12 13:13:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-12 13:13:23 ----D---- C:\Program Files\Internet Explorer
2013-09-12 13:13:20 ----D---- C:\windows\WinStore
2013-09-12 13:13:20 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-09-12 13:13:19 ----D---- C:\windows\system32\migration
2013-09-12 13:13:19 ----D---- C:\windows\system32\cs-CZ
2013-09-12 13:13:19 ----D---- C:\windows\PolicyDefinitions
2013-09-12 13:13:17 ----RD---- C:\windows\ToastData
2013-09-12 13:13:17 ----D---- C:\windows\system32\Drivers
2013-09-12 13:13:13 ----D---- C:\windows\system32\DriverStore
2013-09-12 09:38:17 ----D---- C:\windows\CbsTemp
2013-09-11 22:03:55 ----D---- C:\Users\Jiri\AppData\Roaming\Skype
2013-09-11 20:14:31 ----D---- C:\ProgramData\Microsoft Help
2013-09-11 20:14:12 ----D---- C:\windows\system32\MRT
2013-09-11 20:13:02 ----A---- C:\windows\system32\MRT.exe
2013-09-11 00:32:15 ----A---- C:\windows\SYSWOW64\PrintConfig.dll
2013-09-10 21:09:29 ----D---- C:\windows\SYSWOW64\drivers
2013-09-06 11:43:18 ----D---- C:\windows\system32\wbem
2013-09-06 11:42:51 ----D---- C:\Program Files (x86)\VideoReDoTVSuite4
2013-09-06 11:42:47 ----D---- C:\Users\Jiri\AppData\Roaming\Ulozto File Manager
2013-09-06 11:42:47 ----D---- C:\ProgramData\Licenses
2013-09-06 11:42:44 ----D---- C:\windows\registration
2013-08-31 09:23:23 ----SD---- C:\ProgramData\Microsoft
2013-08-30 22:47:03 ----D---- C:\Users\Jiri\AppData\Roaming\IObit
2013-08-30 22:46:57 ----D---- C:\Program Files (x86)\IObit
2013-08-26 20:10:23 ----SD---- C:\Users\Jiri\AppData\Roaming\Microsoft
2013-08-25 13:33:54 ----A---- C:\Users\Jiri\AppData\Roaming\AutoGK.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\windows\System32\drivers\ACPI.sys [2012-09-20 425192]
R0 acpiex;Microsoft ACPIEx Driver; C:\windows\System32\Drivers\acpiex.sys [2012-07-26 77040]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\windows\System32\drivers\CLFS.sys [2012-07-26 361200]
R0 CNG;CNG; C:\windows\System32\Drivers\cng.sys [2012-10-11 562392]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\windows\System32\drivers\disk.sys [2012-07-26 102640]
R0 excsd;ExpressCache Storage Filter Driver; C:\windows\system32\DRIVERS\excsd.sys [2012-03-30 95024]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\windows\System32\drivers\fileinfo.sys [2012-07-26 71920]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\windows\system32\drivers\fltmgr.sys [2012-07-26 374512]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\windows\System32\DRIVERS\fvevol.sys [2012-09-20 465128]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-09-19 647736]
R0 KSecDD;KSecDD; C:\windows\System32\Drivers\ksecdd.sys [2012-09-20 100072]
R0 KSecPkg;KSecPkg; C:\windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\windows\System32\drivers\mountmgr.sys [2012-07-26 93936]
R0 msisadrv;msisadrv; C:\windows\System32\drivers\msisadrv.sys [2012-07-26 17136]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\windows\System32\Drivers\mup.sys [2012-07-26 83696]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\windows\system32\drivers\ndis.sys [2013-06-17 997632]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\windows\System32\drivers\partmgr.sys [2013-01-10 91880]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\windows\System32\drivers\pci.sys [2012-07-26 234224]
R0 pcw;Performance Counters for Windows Driver; C:\windows\System32\drivers\pcw.sys [2012-07-26 52464]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\windows\system32\drivers\pdc.sys [2013-03-02 69864]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2012-07-26 217328]
R0 SmartDefragDriver;SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\windows\System32\drivers\spaceport.sys [2013-06-11 284416]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\windows\System32\drivers\tcpip.sys [2013-09-11 2233688]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\windows\System32\drivers\volmgr.sys [2012-07-26 83184]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\windows\System32\drivers\volmgrx.sys [2012-07-26 378608]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\windows\System32\drivers\volsnap.sys [2013-07-13 327936]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\windows\system32\drivers\Wdf01000.sys [2013-01-10 785504]
R0 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\windows\system32\drivers\WdFilter.sys [2013-07-02 247216]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\windows\system32\DRIVERS\wfplwfs.sys [2013-08-14 96512]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\windows\system32\drivers\afd.sys [2012-11-06 560640]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 BasicDisplay;BasicDisplay; C:\windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]
R1 BasicRender;BasicRender; C:\windows\System32\drivers\BasicRender.sys [2012-07-26 29696]
R1 Beep;Beep; C:\windows\system32\drivers\Beep.sys [2012-07-26 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\windows\System32\drivers\cdrom.sys [2012-07-26 174080]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\windows\System32\Drivers\dfsc.sys [2012-07-26 118784]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\windows\System32\drivers\discache.sys [2012-07-26 50688]
R1 excfs;ExpressCache File System Filter Driver; C:\windows\system32\DRIVERS\excfs.sys [2012-03-30 23344]
R1 Msfs;Msfs; C:\windows\system32\drivers\Msfs.sys [2012-07-26 26112]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\windows\System32\drivers\mssmbios.sys [2012-07-26 37616]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]
R1 Npfs;Npfs; C:\windows\system32\drivers\Npfs.sys [2012-07-26 49152]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]
R1 Null;Null; C:\windows\system32\drivers\Null.sys [2012-07-26 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\windows\system32\DRIVERS\rdbss.sys [2013-06-11 427520]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\windows\system32\drivers\luafv.sys [2012-07-26 134144]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\windows\system32\drivers\Ndu.sys [2012-07-26 97792]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-09-10 83704]
R2 PEAUTH;PEAUTH; C:\windows\system32\drivers\peauth.sys [2013-04-09 805376]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]
R2 secdrv;Security Driver; C:\windows\system32\drivers\secdrv.sys [2012-07-26 23040]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]
R3 condrv;Console Driver; C:\windows\System32\drivers\condrv.sys [2012-07-26 33792]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368]
R3 fastfat;FAT12/16/32 File System Driver; C:\windows\system32\drivers\fastfat.sys [2012-07-26 210672]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\drivers\HDAudBus.sys [2012-09-20 71168]
R3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\windows\System32\drivers\hidusb.sys [2013-04-09 27648]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\windows\system32\drivers\HTTP.sys [2013-03-15 861184]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\windows\System32\drivers\intelppm.sys [2012-11-06 89088]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\windows\System32\drivers\kbdclass.sys [2012-07-26 48368]
R3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\windows\System32\drivers\kbdhid.sys [2012-07-26 29184]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]
R3 ksthunk;Kernel Streaming Thunks; C:\windows\system32\drivers\ksthunk.sys [2012-07-26 21376]
R3 L1C;@oem9.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-06-27 110744]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-18 62784]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\windows\System32\drivers\monitor.sys [2013-03-01 30720]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\windows\System32\drivers\mouclass.sys [2012-07-26 45808]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\windows\System32\drivers\mouhid.sys [2013-03-02 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\windows\System32\drivers\mpsdrv.sys [2012-10-11 74752]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552]
R3 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088]
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
R3 NDProxy;NDIS Proxy; C:\windows\system32\drivers\NDProxy.sys [2013-04-09 60416]
R3 Ntfs;Ntfs; C:\windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]
R3 NVHDA;@oem8.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2012-07-04 189288]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2012-07-26 13378920]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\windows\System32\drivers\rdpbus.sys [2012-07-26 22528]
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\windows\System32\DRIVERS\srv.sys [2012-07-26 416768]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\windows\System32\DRIVERS\srv2.sys [2013-04-09 623104]
R3 srvnet;srvnet; C:\windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-09-19 540160]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\windows\System32\drivers\swenum.sys [2012-07-26 13680]
R3 TPM;@tpm.inf,%TPM%;TPM; C:\windows\system32\drivers\tpm.sys [2013-03-02 148712]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]
R3 UCX01000;USB Controller Extension; C:\windows\System32\drivers\ucx01000.sys [2013-07-13 213248]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\windows\System32\drivers\umbus.sys [2012-07-26 48128]
R3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Ovladač Microsoft UMPass; C:\windows\System32\drivers\umpass.sys [2012-07-26 11776]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\windows\System32\drivers\usbccgp.sys [2012-07-26 120832]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\windows\System32\drivers\usbehci.sys [2012-09-20 79080]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Ovladač standardního rozbočovače USB; C:\windows\System32\drivers\usbhub.sys [2013-02-02 496872]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\windows\System32\drivers\UsbHub3.sys [2013-06-11 446720]
R3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\windows\System32\drivers\USBSTOR.SYS [2013-08-14 119040]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\windows\System32\drivers\USBXHCI.SYS [2013-07-13 337152]
S0 3ware;3ware; C:\windows\System32\drivers\3ware.sys [2012-07-26 106736]
S0 adp94xx;adp94xx; C:\windows\System32\drivers\adp94xx.sys [2012-07-26 492272]
S0 adpahci;adpahci; C:\windows\System32\drivers\adpahci.sys [2012-07-26 340720]
S0 adpu320;adpu320; C:\windows\System32\drivers\adpu320.sys [2012-07-26 184048]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\windows\System32\drivers\agp440.sys [2012-07-26 63216]
S0 amdsata;amdsata; C:\windows\System32\drivers\amdsata.sys [2012-07-26 76016]
S0 amdsbs;amdsbs; C:\windows\System32\drivers\amdsbs.sys [2012-07-26 258288]
S0 amdxata;amdxata; C:\windows\System32\drivers\amdxata.sys [2012-07-26 26352]
S0 arc;arc; C:\windows\System32\drivers\arc.sys [2012-07-26 104688]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\windows\System32\drivers\arcsas.sys [2012-07-26 108272]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\windows\System32\drivers\atapi.sys [2012-07-26 25840]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\windows\System32\drivers\bxvbda.sys [2012-09-20 533224]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\windows\System32\drivers\evbda.sys [2012-09-20 3265256]
S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]
S0 gagp30kx;@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]
S0 HpSAMD;HpSAMD; C:\windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\windows\System32\drivers\iaStorV.sys [2012-07-26 411888]
S0 iirsp;iirsp; C:\windows\System32\drivers\iirsp.sys [2012-07-26 45296]
S0 intelide;intelide; C:\windows\System32\drivers\intelide.sys [2012-07-26 18672]
S0 isapnp;isapnp; C:\windows\System32\drivers\isapnp.sys [2012-07-26 22256]
S0 LSI_SAS;LSI_SAS; C:\windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]
S0 LSI_SAS2;LSI_SAS2; C:\windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]
S0 LSI_SCSI;LSI_SCSI; C:\windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]
S0 LSI_SSS;LSI_SSS; C:\windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]
S0 megasas;megasas; C:\windows\System32\drivers\megasas.sys [2012-07-26 51952]
S0 MegaSR;MegaSR; C:\windows\System32\drivers\MegaSR.sys [2012-07-26 353008]
S0 mvumis;mvumis; C:\windows\System32\drivers\mvumis.sys [2012-07-26 64240]
S0 nfrd960;nfrd960; C:\windows\System32\drivers\nfrd960.sys [2012-07-26 52464]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\windows\System32\drivers\nv_agp.sys [2012-07-26 125168]
S0 nvraid;nvraid; C:\windows\System32\drivers\nvraid.sys [2012-07-26 150256]
S0 nvstor;nvstor; C:\windows\System32\drivers\nvstor.sys [2012-07-26 168176]
S0 pciide;pciide; C:\windows\System32\drivers\pciide.sys [2012-07-26 14064]
S0 pcmcia;pcmcia; C:\windows\System32\drivers\pcmcia.sys [2012-07-26 237808]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\windows\System32\drivers\sbp2port.sys [2012-07-26 107760]
S0 SiSRaid2;SiSRaid2; C:\windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]
S0 SiSRaid4;SiSRaid4; C:\windows\System32\drivers\sisraid4.sys [2012-07-26 81648]
S0 stexstor;stexstor; C:\windows\System32\drivers\stexstor.sys [2012-07-26 30960]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\windows\System32\drivers\storahci.sys [2013-03-02 77544]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]
S0 storvsc;storvsc; C:\windows\System32\drivers\storvsc.sys [2012-07-26 37992]
S0 uagp35;@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\windows\System32\drivers\uagp35.sys [2012-07-26 65776]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]
S0 viaide;viaide; C:\windows\System32\drivers\viaide.sys [2012-07-26 19184]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\System32\drivers\vmbus.sys [2012-07-26 137832]
S0 vsmraid;vsmraid; C:\windows\System32\drivers\vsmraid.sys [2012-07-26 164080]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\windows\System32\drivers\vstxraid.sys [2012-07-26 322800]
S0 Wd;@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver; C:\windows\System32\drivers\wd.sys [2012-07-26 23792]
S0 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\windows\system32\drivers\WdBoot.sys [2013-07-02 36288]
S1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\windows\system32\drivers\dam.sys [2013-09-11 58200]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\windows\system32\DRIVERS\thdudf.sys []
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\windows\System32\drivers\1394ohci.sys [2012-07-26 226304]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\windows\System32\drivers\acpipagr.sys [2012-07-26 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\windows\System32\drivers\acpipmi.sys [2012-07-26 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\windows\System32\drivers\acpitime.sys [2012-07-26 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\windows\System32\drivers\amdk8.sys [2012-11-06 90624]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\windows\System32\drivers\amdppm.sys [2012-11-06 88064]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\windows\system32\drivers\appid.sys [2012-07-26 79360]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]
S3 athur;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\windows\system32\DRIVERS\athuw8x.sys [2012-11-21 3744256]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\windows\System32\drivers\BthAvrcpTg.sys [2013-07-13 37632]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\windows\System32\drivers\bthmodem.sys [2012-07-26 65536]
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\windows\System32\drivers\circlass.sys [2012-07-26 45056]
S3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\windows\System32\drivers\CmBatt.sys [2012-07-26 25600]
S3 dmvsc;dmvsc; C:\windows\System32\drivers\dmvsc.sys [2012-07-26 33280]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\windows\system32\drivers\drmkaud.sys [2012-10-11 5632]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\windows\System32\drivers\errdev.sys [2012-07-26 10240]
S3 exfat;exFAT File System Driver; C:\windows\system32\drivers\exfat.sys [2012-07-26 194560]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\windows\System32\drivers\fdc.sys [2012-07-26 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\windows\system32\drivers\filetrace.sys [2012-07-26 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\windows\System32\drivers\flpydisk.sys [2012-07-26 24576]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\windows\System32\drivers\FsDepends.sys [2012-07-26 57584]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\windows\System32\drivers\fxppm.sys [2012-11-06 22528]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\windows\System32\Drivers\msgpioclx.sys [2013-08-14 120144]
S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2013-08-14 341504]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\windows\System32\drivers\HidBatt.sys [2012-07-26 27136]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\windows\System32\drivers\hidbth.sys [2013-04-09 95744]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\windows\System32\drivers\hidi2c.sys [2012-11-20 39936]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\windows\System32\drivers\hidir.sys [2012-07-26 46080]
S3 hyperkbd;hyperkbd; C:\windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]
S3 HyperVideo;HyperVideo; C:\windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]
S3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\windows\System32\drivers\i8042prt.sys [2012-07-26 112640]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-06-02 10627744]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]
S3 IPMIDRV;IPMIDRV; C:\windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]
S3 IPNAT;IP Network Address Translator; C:\windows\System32\drivers\ipnat.sys [2012-07-26 145920]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\windows\system32\drivers\irenum.sys [2012-07-26 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\windows\System32\drivers\msiscsi.sys [2012-11-06 277736]
S3 Modem;Modem; C:\windows\system32\drivers\modem.sys [2012-07-26 40448]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\windows\system32\drivers\mrxdav.sys [2012-07-26 141312]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]
S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2012-07-26 6912]
S3 MsRPC;MsRPC; C:\windows\system32\drivers\MsRPC.sys [2012-07-26 390896]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2012-07-26 8192]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\windows\System32\drivers\MTConfig.sys [2012-07-26 14848]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\windows\System32\drivers\parport.sys [2012-07-26 105984]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\windows\System32\drivers\processr.sys [2012-11-06 87552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]
S3 RasAcd;Remote Access Auto Connection Driver; C:\windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\windows\System32\drivers\rdpdr.sys [2012-07-26 179712]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880]
S3 RDPWD;RDP Winstation Driver; C:\windows\system32\drivers\RDPWD.sys [2012-07-26 208384]
S3 Revoflt;Revoflt; C:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\windows\System32\drivers\vms3cap.sys [2012-07-26 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]
S3 sdbus;sdbus; C:\windows\System32\drivers\sdbus.sys [2013-08-14 195416]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\windows\System32\drivers\sdstor.sys [2012-10-11 56552]
S3 SerCx;Serial UART Support Library; C:\windows\system32\drivers\SerCx.sys [2012-07-26 62976]
S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\windows\System32\drivers\serenum.sys [2012-07-26 23040]
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\windows\System32\drivers\serial.sys [2012-07-26 76800]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\windows\System32\drivers\sermouse.sys [2012-07-26 27136]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\windows\System32\drivers\sfloppy.sys [2012-07-26 16896]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\windows\system32\drivers\SpbCx.sys [2012-07-26 59392]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\windows\system32\DRIVERS\tcpip.sys [2013-09-11 2233688]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\windows\System32\drivers\terminpt.sys [2012-07-26 36592]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\windows\System32\drivers\uaspstor.sys [2012-07-26 97008]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\windows\System32\drivers\usbcir.sys [2012-07-26 99328]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\windows\System32\drivers\usbohci.sys [2012-11-20 27136]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\windows\System32\drivers\usbprint.sys [2012-07-26 25600]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\drivers\usbuhci.sys [2012-09-20 32256]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]
S3 vhdmp;vhdmp; C:\windows\System32\drivers\vhdmp.sys [2013-03-02 495336]
S3 VMBusHID;VMBusHID; C:\windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\windows\System32\drivers\vpci.sys [2012-07-26 67824]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\windows\System32\drivers\vwifibus.sys [2012-07-26 24064]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\windows\System32\drivers\wacompen.sys [2012-07-26 27008]
S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
S3 WIMMount;WIMMount; C:\windows\system32\drivers\wimmount.sys [2012-07-26 33520]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2012-07-26 57344]
S3 WmiAcpi;@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI; C:\windows\System32\drivers\wmiacpi.sys [2012-07-26 17408]
S4 cdfs;CD/DVD File System Reader; C:\windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]
S4 udfs;udfs; C:\windows\system32\DRIVERS\udfs.sys [2013-08-14 321536]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-01-22 89864]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-01-22 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-01-22 294664]
R2 DcomLaunch;@combase.dll,-5012; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 EventSystem;@comres.dll,-2450; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ExpressCache;ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-03-30 79664]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-08-15 85504]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2012-07-26 891240]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-09-12 390672]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcSs;@combase.dll,-5010; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\windows\system32\lsass.exe [2012-09-20 35840]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\windows\System32\spoolsv.exe [2012-07-26 769024]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-19 321536]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-07-02 16048]
R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2012-09-20 1314816]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 KeyIso;@keyiso.dll,-100; C:\windows\system32\lsass.exe [2012-09-20 35840]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 gpsvc;@gpapi.dll,-112; C:\windows\system32\svchost.exe [2012-09-20 29696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\windows\system32\sppsvc.exe [2013-09-11 4917760]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 257416]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\windows\System32\alg.exe [2012-07-26 94208]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 COMSysApp;@comres.dll,-947; C:\windows\system32\dllhost.exe [2012-07-26 10752]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\windows\System32\lsass.exe [2012-09-20 35840]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\windows\system32\fxssvc.exe [2012-07-26 669696]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08 116648]
S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 KtmRm;@comres.dll,-2946; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-18 118680]
S3 MSDTC;@comres.dll,-2797; C:\windows\System32\msdtc.exe [2012-07-26 144384]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\windows\system32\msiexec.exe [2012-07-26 124416]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\windows\system32\locator.exe [2012-07-26 9728]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\windows\servicing\TrustedInstaller.exe [2013-06-11 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\windows\system32\UI0Detect.exe [2012-07-26 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\windows\system32\lsass.exe [2012-09-20 35840]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\windows\System32\vds.exe [2013-07-13 680960]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\windows\system32\vssvc.exe [2013-06-11 1483776]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\windows\system32\wbengine.exe [2012-07-26 1616896]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\windows\system32\wbem\WmiApSrv.exe [2012-07-26 198144]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\windows\system32\lsass.exe [2012-09-20 35840]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 RemoteRegistry;@regsvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\windows\System32\snmptrap.exe [2012-07-26 14848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119530
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#5 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the Yes (Ano) button.

Feel free to put the kettle on for a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JiriHrabcuk
Visitor
Posts: 33
Registered: 11 May 2006 19:44

Re: Please check my log

#6 Post by JiriHrabcuk »

ComboFix 13-09-24.02 - Jiri . 09. 2013 23:06:50.1.8 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8132.5476 [GMT 2:00]
Spuštěný z: c:\users\Jiri\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jiri\AppData\Local\assembly\tmp
c:\users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Jiri\AppData\Local\Microsoft\Windows\Temporary Internet Files\www.leawo.com_favicon.ico
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-24 do 2013-09-24 )))))))))))))))))))))))))))))))
.
.
2013-09-24 21:10 . 2013-09-24 21:12 -------- d-----w- c:\users\Jiri\AppData\Local\temp
2013-09-24 21:10 . 2013-09-24 21:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-24 19:55 . 2013-09-24 19:55 -------- d-----w- c:\program files\trend micro
2013-09-24 19:54 . 2013-09-24 19:55 -------- d-----w- C:\rsit
2013-09-24 12:59 . 2013-09-24 12:59 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6FA58C17-7A73-4FF3-A952-7D08C10BEEC9}\offreg.dll
2013-09-24 12:44 . 2013-09-24 12:45 -------- d-----w- C:\$SysReset
2013-09-24 10:09 . 2006-09-26 11:57 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2013-09-24 10:09 . 2004-12-20 14:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2013-09-24 10:09 . 2013-09-24 10:18 -------- d-----w- c:\program files (x86)\Allok MP3 to AMR Converter
2013-09-24 03:21 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6FA58C17-7A73-4FF3-A952-7D08C10BEEC9}\mpengine.dll
2013-09-24 03:06 . 2013-09-24 03:06 234010 ----a-w- c:\windows\SysWow64\poclbm130302GeForce GTX 660gv1w256l4.bin
2013-09-19 17:53 . 2013-09-19 17:53 -------- d-----r- C:\Leawo_Video_Cache
2013-09-16 15:15 . 2009-09-27 07:39 369152 --sh--w- c:\windows\SysWow64\avisynth.dll
2013-09-16 15:15 . 2005-07-14 10:31 32256 --sh--w- c:\windows\SysWow64\AVSredirect.dll
2013-09-16 15:06 . 2004-07-02 15:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll
2013-09-16 15:05 . 2013-09-16 15:05 -------- d-----w- c:\users\Jiri\AppData\Local\SwvUpdater
2013-09-15 23:09 . 2013-09-15 23:09 -------- d-----w- c:\users\Jiri\AppData\Roaming\Digiarty
2013-09-15 23:08 . 2013-09-16 08:53 -------- d-----w- c:\program files (x86)\Digiarty
2013-09-15 22:07 . 2009-06-07 14:25 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2013-09-15 22:07 . 2009-06-07 14:16 819200 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-09-15 22:07 . 2009-06-07 14:24 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-09-15 22:06 . 2013-09-15 22:06 35365 ----a-w- c:\windows\SysWow64\uninstHelixYUV.exe
2013-09-15 21:57 . 2013-09-16 13:32 -------- d-----w- c:\programdata\StaxRip
2013-09-12 11:30 . 2013-09-24 18:06 -------- d-----w- c:\program files (x86)\MeGUI_2356_x86
2013-09-12 11:15 . 2013-09-10 22:34 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-12 11:15 . 2013-09-10 22:34 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 07:51 . 2013-09-12 07:51 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-11 17:15 . 2013-09-24 03:41 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-10 22:34 . 2013-09-10 22:34 99328 ----a-w- c:\windows\system32\wudriver.dll
2013-09-10 22:33 . 2013-09-10 22:33 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-10 19:10 . 2013-09-19 17:53 -------- d-----w- c:\users\Jiri\AppData\Roaming\Leawo
2013-09-10 19:10 . 2013-09-16 15:59 -------- d-----w- c:\users\Jiri\AppData\Roaming\tiger-k
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\thdudf.sys
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\drivers\thdudf.sys
2013-09-10 19:09 . 2013-09-10 19:09 -------- d-----w- c:\program files (x86)\Leawo
2013-09-08 20:16 . 2013-09-08 20:16 -------- d-----w- c:\users\Jiri\AppData\Roaming\HellShare Upload Manager
2013-09-08 20:15 . 2013-09-08 20:15 -------- d-----w- c:\program files (x86)\HellShare Upload Manager
2013-09-06 07:21 . 2013-09-24 20:45 -------- d-----w- c:\users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
2013-09-04 12:51 . 2013-09-04 12:58 -------- d-----w- c:\programdata\Logs
2013-09-03 13:18 . 2013-09-03 13:18 -------- d-----w- c:\users\Jiri\AppData\Roaming\Publish Providers
2013-09-03 13:15 . 2013-09-03 13:44 -------- d-----w- c:\users\Jiri\AppData\Local\Sony
2013-09-03 13:15 . 2013-09-03 13:33 -------- d-----w- c:\users\Jiri\AppData\Roaming\Sony
2013-08-31 07:14 . 2013-05-22 16:49 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-08-30 20:47 . 2013-05-22 16:49 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-08-28 13:27 . 2010-03-20 09:27 2966016 ----a-w- c:\windows\system32\avisynth.dll
2013-08-28 13:27 . 2009-04-29 18:25 2300928 ----a-w- c:\windows\system32\DevIL.dll
2013-08-27 17:02 . 2013-08-27 17:02 -------- d-----w- c:\users\Jiri\AppData\Roaming\dcunningham.net
2013-08-27 17:02 . 2013-08-27 17:02 -------- d-----w- c:\users\Jiri\AppData\Local\dcunningham.net
2013-08-26 18:13 . 2013-08-26 18:13 -------- d-----w- c:\users\Jiri\AppData\Local\IsolatedStorage
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 18:13 . 2013-02-28 14:45 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-10 22:32 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2013-08-14 18:10 . 2013-08-14 18:10 96512 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 778752 ----a-w- c:\windows\system32\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 77312 ----a-w- c:\windows\system32\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 74240 ----a-w- c:\windows\system32\wcmcsp.dll
2013-08-14 18:10 . 2013-08-14 18:10 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-08-14 18:10 . 2013-08-14 18:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 67072 ----a-w- c:\windows\SysWow64\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 551424 ----a-w- c:\windows\SysWow64\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 543744 ----a-w- c:\windows\system32\wwanmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 447488 ----a-w- c:\windows\system32\wwansvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 439488 ----a-w- c:\windows\system32\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 414208 ----a-w- c:\windows\system32\wwanconn.dll
2013-08-14 18:10 . 2013-08-14 18:10 391168 ----a-w- c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 385768 ----a-w- c:\windows\SysWow64\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 370688 ----a-w- c:\windows\system32\Wwanadvui.dll
2013-08-14 18:10 . 2013-08-14 18:10 327512 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2013-08-14 18:10 . 2013-08-14 18:10 321536 ----a-w- c:\windows\system32\drivers\udfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 312832 ----a-w- c:\windows\system32\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 2839552 ----a-w- c:\windows\system32\msftedit.dll
2013-08-14 18:10 . 2013-08-14 18:10 268800 ----a-w- c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 263680 ----a-w- c:\windows\system32\wcmsvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 245760 ----a-w- c:\windows\SysWow64\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 230912 ----a-w- c:\windows\system32\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 183808 ----a-w- c:\windows\system32\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 160256 ----a-w- c:\windows\SysWow64\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 154112 ----a-w- c:\windows\SysWow64\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 1300480 ----a-w- c:\windows\system32\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 125440 ----a-w- c:\windows\SysWow64\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 120144 ----a-w- c:\windows\system32\drivers\msgpioclx.sys
2013-08-14 18:10 . 2013-08-14 18:10 115712 ----a-w- c:\windows\system32\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 1156096 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 1025024 ----a-w- c:\windows\system32\localspl.dll
2013-08-14 18:10 . 2013-08-14 18:10 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 341504 ----a-w- c:\windows\system32\drivers\HdAudio.sys
2013-08-14 18:10 . 2013-08-14 18:10 195416 ----a-w- c:\windows\system32\drivers\sdbus.sys
2013-08-14 18:10 . 2013-08-14 18:10 125784 ----a-w- c:\windows\system32\drivers\dumpsd.sys
2013-08-14 18:10 . 2013-08-14 18:10 119040 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-07-16 03:02 . 2013-08-16 05:43 941720 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2105621A-709F-4653-A87A-25A51EBFDF48}\gapaengine.dll
2013-07-13 06:18 . 2013-08-14 05:13 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-14 05:13 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:16 . 2013-08-14 05:13 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:15 . 2013-08-14 05:13 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-14 05:13 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-14 05:13 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-14 05:13 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-14 05:13 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-14 05:13 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-12 22:24 . 2013-07-12 22:24 850944 ----a-w- c:\windows\SysWow64\mfasfsrcsnk.dll
2013-07-12 22:24 . 2013-07-12 22:24 80896 ----a-w- c:\windows\system32\MbaeParserTask.exe
2013-07-12 22:24 . 2013-07-12 22:24 785408 ----a-w- c:\windows\system32\audiosrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 729600 ----a-w- c:\windows\system32\samsrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-12 22:24 . 2013-07-12 22:24 680960 ----a-w- c:\windows\system32\vds.exe
2013-07-12 22:24 . 2013-07-12 22:24 67584 ----a-w- c:\windows\SysWow64\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 583168 ----a-w- c:\windows\system32\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 493056 ----a-w- c:\windows\SysWow64\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 37632 ----a-w- c:\windows\system32\drivers\BthAvrcpTg.sys
2013-07-12 22:24 . 2013-07-12 22:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 337152 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2013-07-12 22:24 . 2013-07-12 22:24 327936 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-12 22:24 . 2013-07-12 22:24 2391280 ----a-w- c:\windows\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 213248 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2013-07-12 22:24 . 2013-07-12 22:24 2106176 ----a-w- c:\windows\SysWow64\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 207872 ----a-w- c:\windows\system32\DeviceSetupManager.dll
2013-07-12 22:24 . 2013-07-12 22:24 190976 ----a-w- c:\windows\system32\vdsutil.dll
2013-07-12 22:24 . 2013-07-12 22:24 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1527808 ----a-w- c:\windows\system32\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1453568 ----a-w- c:\windows\SysWow64\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1403296 ----a-w- c:\windows\system32\winload.efi
2013-07-12 22:24 . 2013-07-12 22:24 1271584 ----a-w- c:\windows\system32\winload.exe
2013-07-12 22:24 . 2013-07-12 22:24 1217352 ----a-w- c:\windows\system32\winresume.efi
2013-07-12 22:24 . 2013-07-12 22:24 1093904 ----a-w- c:\windows\system32\winresume.exe
2013-07-12 22:24 . 2013-07-12 22:24 106496 ----a-w- c:\windows\system32\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 1048576 ----a-w- c:\windows\system32\mfasfsrcsnk.dll
2013-07-02 00:44 . 2013-08-14 05:13 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-14 05:13 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-03-13 07:03 . 2013-03-13 07:03 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
2009-09-27 07:39 369152 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2013-01-22 505096]
"PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2013-01-22 373784]
"msloeghSrv"="c:\windows\inf\msloegh.vbe" [2013-08-27 1558]
"msdksfbSrv"="c:\windows\inf\msdksfb.vbe" [2013-08-27 1558]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R1 aswSnx;aswSnx; [x]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys;c:\windows\SYSNATIVE\DRIVERS\thdudf.sys [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 aswVmm;aswVmm; [x]
R3 athur;Qualcomm Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuw8x.sys;c:\windows\SYSNATIVE\DRIVERS\athuw8x.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 aswSP;aswSP; [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/03/18 13:11];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-19 20:51 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 17:04]
.
2013-09-24 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Jiri\AppData\Local\SwvUpdater\Updater.exe [2013-09-16 15:04]
.
2013-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08 14:31]
.
2013-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08 14:31]
.
2013-09-24 c:\windows\Tasks\HPCeeScheduleForJiri.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-09-19 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-19 1425408]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.downha.com/vb/members/downha1398/
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
mStart Page = hxxp://www.bing.com?pc=HPDTDFJS
IE: E&xportovat do aplikace Microsoft Excel
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.128.1 82.144.129.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\
FF - prefs.js: browser.search.selectedEngine - UloĹľ.to
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-09-11 19:49; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\windows\inf\msnnqdos\msnnqdos.exe
c:\windows\inf\msbkppwt\msbkppwt.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-09-24 23:14:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-24 21:14
.
Před spuštěním: 455 580 913 664 bytes free
Po spuštění: 457 049 149 440 bytes free
.
- - End Of File - - 5FBCFC7940D2473E74B0C77D42DE7072

JiriHrabcuk
Visitor
Posts: 33
Registered: 11 May 2006 19:44

Re: Please check my log

#7 Post by JiriHrabcuk »

After ComboFix finished, everything seemed to be OK. After restarting the PC, the problems described above keep recurring.

Rudy
Site Admin
Posts: 119530
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Open Notepad and copy the following into it:
KillAll::

Folder::
C:\Leawo_Video_Cache
c:\users\Jiri\AppData\Roaming\Leawo

Collect::
c:\users\Jiri\AppData\Roaming\dcunningham.net
c:\users\Jiri\AppData\Local\dcunningham.net

File::
c:\windows\Tasks\AmiUpdXp.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

Firefox::
FF - ProfilePath - c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\
FF - prefs.js: browser.search.selectedEngine - UloĹľ.to
FF - ExtSQL: 2013-09-11 19:49; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

Regnull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

JiriHrabcuk
Visitor
Posts: 33
Registered: 11 May 2006 19:44

Re: Please check my log

#9 Post by JiriHrabcuk »

ComboFix 13-09-24.02 - Jiri . 09. 2013 20:33:24.5.8 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8132.5516 [GMT 2:00]
Spuštěný z: c:\users\Jiri\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jiri\Desktop\CFScript.txt..txt
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\AmiUpdXp.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Leawo_Video_Cache
c:\users\Jiri\AppData\Roaming\Leawo
c:\users\Jiri\AppData\Roaming\Leawo\Total Media Converter Ultimate\pro.xml
c:\users\Jiri\AppData\Roaming\Leawo\Total Media Converter Ultimate\run.log
c:\users\Jiri\AppData\Roaming\Leawo\Total Media Converter Ultimate\TMCS_Video
c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
c:\windows\Tasks\AmiUpdXp.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-25 do 2013-09-25 )))))))))))))))))))))))))))))))
.
.
2013-09-25 18:35 . 2013-09-25 18:36 -------- d-----w- c:\users\Jiri\AppData\Local\temp
2013-09-25 18:35 . 2013-09-25 18:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-25 18:20 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26FE4C5E-809A-4727-8AED-97F0114E898E}\mpengine.dll
2013-09-25 13:18 . 2013-09-25 13:18 -------- d-----w- c:\program files (x86)\Belarc
2013-09-24 19:55 . 2013-09-24 19:55 -------- d-----w- c:\program files\trend micro
2013-09-24 19:54 . 2013-09-24 19:55 -------- d-----w- C:\rsit
2013-09-24 12:44 . 2013-09-24 12:45 -------- d-----w- C:\$SysReset
2013-09-24 10:09 . 2006-09-26 11:57 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2013-09-24 10:09 . 2004-12-20 14:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2013-09-24 10:09 . 2013-09-24 10:18 -------- d-----w- c:\program files (x86)\Allok MP3 to AMR Converter
2013-09-24 03:06 . 2013-09-24 03:06 234010 ----a-w- c:\windows\SysWow64\poclbm130302GeForce GTX 660gv1w256l4.bin
2013-09-16 15:15 . 2009-09-27 07:39 369152 --sh--w- c:\windows\SysWow64\avisynth.dll
2013-09-16 15:15 . 2005-07-14 10:31 32256 --sh--w- c:\windows\SysWow64\AVSredirect.dll
2013-09-16 15:06 . 2004-07-02 15:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll
2013-09-16 15:05 . 2013-09-16 15:05 -------- d-----w- c:\users\Jiri\AppData\Local\SwvUpdater
2013-09-15 23:09 . 2013-09-15 23:09 -------- d-----w- c:\users\Jiri\AppData\Roaming\Digiarty
2013-09-15 23:08 . 2013-09-16 08:53 -------- d-----w- c:\program files (x86)\Digiarty
2013-09-15 22:07 . 2009-06-07 14:25 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2013-09-15 22:07 . 2009-06-07 14:16 819200 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-09-15 22:07 . 2009-06-07 14:24 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-09-15 22:06 . 2013-09-15 22:06 35365 ----a-w- c:\windows\SysWow64\uninstHelixYUV.exe
2013-09-15 21:57 . 2013-09-16 13:32 -------- d-----w- c:\programdata\StaxRip
2013-09-12 11:30 . 2013-09-25 07:41 -------- d-----w- c:\program files (x86)\MeGUI_2356_x86
2013-09-12 11:15 . 2013-09-18 23:26 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-12 11:15 . 2013-09-18 23:26 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 07:51 . 2013-09-12 07:51 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-11 17:15 . 2013-09-24 03:41 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-10 22:34 . 2013-09-10 22:34 99328 ----a-w- c:\windows\system32\wudriver.dll
2013-09-10 22:33 . 2013-09-10 22:33 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-10 19:10 . 2013-09-16 15:59 -------- d-----w- c:\users\Jiri\AppData\Roaming\tiger-k
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\thdudf.sys
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\drivers\thdudf.sys
2013-09-10 19:09 . 2013-09-10 19:09 -------- d-----w- c:\program files (x86)\Leawo
2013-09-08 20:16 . 2013-09-08 20:16 -------- d-----w- c:\users\Jiri\AppData\Roaming\HellShare Upload Manager
2013-09-08 20:15 . 2013-09-08 20:15 -------- d-----w- c:\program files (x86)\HellShare Upload Manager
2013-09-06 07:21 . 2013-09-25 15:27 -------- d-----w- c:\users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
2013-09-04 12:51 . 2013-09-04 12:58 -------- d-----w- c:\programdata\Logs
2013-09-03 13:18 . 2013-09-03 13:18 -------- d-----w- c:\users\Jiri\AppData\Roaming\Publish Providers
2013-09-03 13:15 . 2013-09-03 13:44 -------- d-----w- c:\users\Jiri\AppData\Local\Sony
2013-09-03 13:15 . 2013-09-03 13:33 -------- d-----w- c:\users\Jiri\AppData\Roaming\Sony
2013-08-28 13:27 . 2010-03-20 09:27 2966016 ----a-w- c:\windows\system32\avisynth.dll
2013-08-28 13:27 . 2009-04-29 18:25 2300928 ----a-w- c:\windows\system32\DevIL.dll
2013-08-27 17:02 . 2013-08-27 17:02 -------- d-----w- c:\users\Jiri\AppData\Roaming\dcunningham.net
2013-08-27 17:02 . 2013-08-27 17:02 -------- d-----w- c:\users\Jiri\AppData\Local\dcunningham.net
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 18:13 . 2013-02-28 14:45 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-10 22:32 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2013-08-14 18:10 . 2013-08-14 18:10 96512 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 778752 ----a-w- c:\windows\system32\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 77312 ----a-w- c:\windows\system32\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 74240 ----a-w- c:\windows\system32\wcmcsp.dll
2013-08-14 18:10 . 2013-08-14 18:10 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-08-14 18:10 . 2013-08-14 18:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 67072 ----a-w- c:\windows\SysWow64\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 551424 ----a-w- c:\windows\SysWow64\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 543744 ----a-w- c:\windows\system32\wwanmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 447488 ----a-w- c:\windows\system32\wwansvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 439488 ----a-w- c:\windows\system32\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 414208 ----a-w- c:\windows\system32\wwanconn.dll
2013-08-14 18:10 . 2013-08-14 18:10 391168 ----a-w- c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 385768 ----a-w- c:\windows\SysWow64\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 370688 ----a-w- c:\windows\system32\Wwanadvui.dll
2013-08-14 18:10 . 2013-08-14 18:10 327512 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2013-08-14 18:10 . 2013-08-14 18:10 321536 ----a-w- c:\windows\system32\drivers\udfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 312832 ----a-w- c:\windows\system32\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 2839552 ----a-w- c:\windows\system32\msftedit.dll
2013-08-14 18:10 . 2013-08-14 18:10 268800 ----a-w- c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 263680 ----a-w- c:\windows\system32\wcmsvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 245760 ----a-w- c:\windows\SysWow64\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 230912 ----a-w- c:\windows\system32\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 183808 ----a-w- c:\windows\system32\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 160256 ----a-w- c:\windows\SysWow64\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 154112 ----a-w- c:\windows\SysWow64\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 1300480 ----a-w- c:\windows\system32\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 125440 ----a-w- c:\windows\SysWow64\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 120144 ----a-w- c:\windows\system32\drivers\msgpioclx.sys
2013-08-14 18:10 . 2013-08-14 18:10 115712 ----a-w- c:\windows\system32\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 1156096 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 1025024 ----a-w- c:\windows\system32\localspl.dll
2013-08-14 18:10 . 2013-08-14 18:10 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 341504 ----a-w- c:\windows\system32\drivers\HdAudio.sys
2013-08-14 18:10 . 2013-08-14 18:10 195416 ----a-w- c:\windows\system32\drivers\sdbus.sys
2013-08-14 18:10 . 2013-08-14 18:10 125784 ----a-w- c:\windows\system32\drivers\dumpsd.sys
2013-08-14 18:10 . 2013-08-14 18:10 119040 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-07-16 03:02 . 2013-08-16 05:43 941720 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2105621A-709F-4653-A87A-25A51EBFDF48}\gapaengine.dll
2013-07-13 06:18 . 2013-08-14 05:13 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-14 05:13 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:16 . 2013-08-14 05:13 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:15 . 2013-08-14 05:13 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-14 05:13 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-14 05:13 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-14 05:13 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-14 05:13 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-14 05:13 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-12 22:24 . 2013-07-12 22:24 850944 ----a-w- c:\windows\SysWow64\mfasfsrcsnk.dll
2013-07-12 22:24 . 2013-07-12 22:24 80896 ----a-w- c:\windows\system32\MbaeParserTask.exe
2013-07-12 22:24 . 2013-07-12 22:24 785408 ----a-w- c:\windows\system32\audiosrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 729600 ----a-w- c:\windows\system32\samsrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-12 22:24 . 2013-07-12 22:24 680960 ----a-w- c:\windows\system32\vds.exe
2013-07-12 22:24 . 2013-07-12 22:24 67584 ----a-w- c:\windows\SysWow64\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 583168 ----a-w- c:\windows\system32\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 493056 ----a-w- c:\windows\SysWow64\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 37632 ----a-w- c:\windows\system32\drivers\BthAvrcpTg.sys
2013-07-12 22:24 . 2013-07-12 22:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 337152 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2013-07-12 22:24 . 2013-07-12 22:24 327936 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-12 22:24 . 2013-07-12 22:24 2391280 ----a-w- c:\windows\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 213248 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2013-07-12 22:24 . 2013-07-12 22:24 2106176 ----a-w- c:\windows\SysWow64\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 207872 ----a-w- c:\windows\system32\DeviceSetupManager.dll
2013-07-12 22:24 . 2013-07-12 22:24 190976 ----a-w- c:\windows\system32\vdsutil.dll
2013-07-12 22:24 . 2013-07-12 22:24 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1527808 ----a-w- c:\windows\system32\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1453568 ----a-w- c:\windows\SysWow64\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1403296 ----a-w- c:\windows\system32\winload.efi
2013-07-12 22:24 . 2013-07-12 22:24 1271584 ----a-w- c:\windows\system32\winload.exe
2013-07-12 22:24 . 2013-07-12 22:24 1217352 ----a-w- c:\windows\system32\winresume.efi
2013-07-12 22:24 . 2013-07-12 22:24 1093904 ----a-w- c:\windows\system32\winresume.exe
2013-07-12 22:24 . 2013-07-12 22:24 106496 ----a-w- c:\windows\system32\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 1048576 ----a-w- c:\windows\system32\mfasfsrcsnk.dll
2013-07-02 00:44 . 2013-08-14 05:13 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-14 05:13 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-03-13 07:03 . 2013-03-13 07:03 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
2009-09-27 07:39 369152 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [BU]
"PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2013-01-22 505096]
"PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2013-01-22 373784]
"msloeghSrv"="c:\windows\inf\msloegh.vbe" [2013-08-27 1558]
"msdksfbSrv"="c:\windows\inf\msdksfb.vbe" [2013-08-27 1558]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R1 aswSnx;aswSnx; [x]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys;c:\windows\SYSNATIVE\DRIVERS\thdudf.sys [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 aswVmm;aswVmm; [x]
R3 athur;Qualcomm Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuw8x.sys;c:\windows\SYSNATIVE\DRIVERS\athuw8x.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSP;aswSP; [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/03/18 13:11];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-19 20:51 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 17:04]
.
2013-09-25 c:\windows\Tasks\HPCeeScheduleForJiri.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-09-19 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-19 1425408]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.downha.com/vb/members/downha1398/
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
mStart Page = hxxp://www.bing.com?pc=HPDTDFJS
IE: E&xportovat do aplikace Microsoft Excel
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.128.1 82.144.129.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-09-11 19:49; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\inf\msnnqdos\msnnqdos.exe
c:\windows\inf\msbkppwt\msbkppwt.exe
.
**************************************************************************
.
Celkový čas: 2013-09-25 20:37:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-25 18:37
ComboFix2.txt 2013-09-25 17:28
ComboFix3.txt 2013-09-25 14:39
ComboFix4.txt 2013-09-25 12:58
ComboFix5.txt 2013-09-25 18:32
.
Před spuštěním: 455 628 406 784 bytes free
Po spuštění: 455 706 124 288 bytes free
.
- - End Of File - - FD5AF76D3573D8DBC8208C3CC80261BF

Rudy
Site Admin
Posts: 119530
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

The log is OK now. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JiriHrabcuk
Visitor
Posts: 33
Joined: 11 May 2006 19:44

Re: Please check my log

#11 Post by JiriHrabcuk »

Unfortunately, it is still the same.

Rudy
Site Admin
Posts: 119530
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#12 Post by Rudy »

Which process is putting the most load on your system?

JiriHrabcuk
Visitor
Posts: 33
Joined: 11 May 2006 19:44

Re: Please check my log

#13 Post by JiriHrabcuk »

msdksfb.vbe ................C:\Windows\Inf

msloegh.vbe ................C:\Windows\Inf

I tried disabling these two files in Task Manager (Startup). I don't know what they are for, but the CPU is now back to normal and the PC shuts down on the first try. Any advice on what these files are and whether they are harmless?

Rudy
Site Admin
Posts: 119530
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#14 Post by Rudy »

OK. Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the licence terms is displayed; continue by clicking the Yes button.

Relax and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use anti-spyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted conflicts with the resident anti-spyware shield.

JiriHrabcuk
Visitor
Posts: 33
Joined: 11 May 2006 19:44

Re: Please check my log

#15 Post by JiriHrabcuk »

ComboFix 13-09-24.02 - Jiri . 09. 2013 22:51:45.7.8 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8132.5570 [GMT 2:00]
Spuštěný z: c:\users\Jiri\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-25 do 2013-09-25 )))))))))))))))))))))))))))))))
.
.
2013-09-25 20:54 . 2013-09-25 20:54 -------- d-----w- c:\users\Jiri\AppData\Local\temp
2013-09-25 20:54 . 2013-09-25 20:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-25 18:20 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26FE4C5E-809A-4727-8AED-97F0114E898E}\mpengine.dll
2013-09-25 13:18 . 2013-09-25 13:18 -------- d-----w- c:\program files (x86)\Belarc
2013-09-24 19:55 . 2013-09-24 19:55 -------- d-----w- c:\program files\trend micro
2013-09-24 19:54 . 2013-09-24 19:55 -------- d-----w- C:\rsit
2013-09-24 12:44 . 2013-09-24 12:45 -------- d-----w- C:\$SysReset
2013-09-24 10:09 . 2006-09-26 11:57 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2013-09-24 10:09 . 2004-12-20 14:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2013-09-24 10:09 . 2013-09-24 10:18 -------- d-----w- c:\program files (x86)\Allok MP3 to AMR Converter
2013-09-24 03:06 . 2013-09-24 03:06 234010 ----a-w- c:\windows\SysWow64\poclbm130302GeForce GTX 660gv1w256l4.bin
2013-09-16 15:15 . 2009-09-27 07:39 369152 --sh--w- c:\windows\SysWow64\avisynth.dll
2013-09-16 15:15 . 2005-07-14 10:31 32256 --sh--w- c:\windows\SysWow64\AVSredirect.dll
2013-09-16 15:06 . 2004-07-02 15:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll
2013-09-16 15:05 . 2013-09-16 15:05 -------- d-----w- c:\users\Jiri\AppData\Local\SwvUpdater
2013-09-15 23:09 . 2013-09-15 23:09 -------- d-----w- c:\users\Jiri\AppData\Roaming\Digiarty
2013-09-15 23:08 . 2013-09-16 08:53 -------- d-----w- c:\program files (x86)\Digiarty
2013-09-15 22:07 . 2009-06-07 14:25 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2013-09-15 22:07 . 2009-06-07 14:16 819200 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-09-15 22:07 . 2009-06-07 14:24 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-09-15 22:06 . 2013-09-15 22:06 35365 ----a-w- c:\windows\SysWow64\uninstHelixYUV.exe
2013-09-15 21:57 . 2013-09-16 13:32 -------- d-----w- c:\programdata\StaxRip
2013-09-12 11:30 . 2013-09-25 07:41 -------- d-----w- c:\program files (x86)\MeGUI_2356_x86
2013-09-12 11:15 . 2013-09-18 23:26 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-12 11:15 . 2013-09-18 23:26 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 07:51 . 2013-09-12 07:51 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-11 17:15 . 2013-09-24 03:41 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-10 22:34 . 2013-09-10 22:34 99328 ----a-w- c:\windows\system32\wudriver.dll
2013-09-10 22:33 . 2013-09-10 22:33 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-10 19:10 . 2013-09-16 15:59 -------- d-----w- c:\users\Jiri\AppData\Roaming\tiger-k
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\thdudf.sys
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\drivers\thdudf.sys
2013-09-10 19:09 . 2013-09-10 19:09 -------- d-----w- c:\program files (x86)\Leawo
2013-09-08 20:16 . 2013-09-08 20:16 -------- d-----w- c:\users\Jiri\AppData\Roaming\HellShare Upload Manager
2013-09-08 20:15 . 2013-09-08 20:15 -------- d-----w- c:\program files (x86)\HellShare Upload Manager
2013-09-06 07:21 . 2013-09-25 15:27 -------- d-----w- c:\users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
2013-09-04 12:51 . 2013-09-04 12:58 -------- d-----w- c:\programdata\Logs
2013-09-03 13:18 . 2013-09-03 13:18 -------- d-----w- c:\users\Jiri\AppData\Roaming\Publish Providers
2013-09-03 13:15 . 2013-09-03 13:44 -------- d-----w- c:\users\Jiri\AppData\Local\Sony
2013-09-03 13:15 . 2013-09-03 13:33 -------- d-----w- c:\users\Jiri\AppData\Roaming\Sony
2013-08-28 13:27 . 2010-03-20 09:27 2966016 ----a-w- c:\windows\system32\avisynth.dll
2013-08-28 13:27 . 2009-04-29 18:25 2300928 ----a-w- c:\windows\system32\DevIL.dll
2013-08-27 17:02 . 2013-08-27 17:02 -------- d-----w- c:\users\Jiri\AppData\Roaming\dcunningham.net
2013-08-27 17:02 . 2013-08-27 17:02 -------- d-----w- c:\users\Jiri\AppData\Local\dcunningham.net
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 18:13 . 2013-02-28 14:45 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-10 22:32 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2013-08-14 18:10 . 2013-08-14 18:10 96512 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 778752 ----a-w- c:\windows\system32\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 77312 ----a-w- c:\windows\system32\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 74240 ----a-w- c:\windows\system32\wcmcsp.dll
2013-08-14 18:10 . 2013-08-14 18:10 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-08-14 18:10 . 2013-08-14 18:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 67072 ----a-w- c:\windows\SysWow64\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 551424 ----a-w- c:\windows\SysWow64\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 543744 ----a-w- c:\windows\system32\wwanmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 447488 ----a-w- c:\windows\system32\wwansvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 439488 ----a-w- c:\windows\system32\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 414208 ----a-w- c:\windows\system32\wwanconn.dll
2013-08-14 18:10 . 2013-08-14 18:10 391168 ----a-w- c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 385768 ----a-w- c:\windows\SysWow64\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 370688 ----a-w- c:\windows\system32\Wwanadvui.dll
2013-08-14 18:10 . 2013-08-14 18:10 327512 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2013-08-14 18:10 . 2013-08-14 18:10 321536 ----a-w- c:\windows\system32\drivers\udfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 312832 ----a-w- c:\windows\system32\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 2839552 ----a-w- c:\windows\system32\msftedit.dll
2013-08-14 18:10 . 2013-08-14 18:10 268800 ----a-w- c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 263680 ----a-w- c:\windows\system32\wcmsvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 245760 ----a-w- c:\windows\SysWow64\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 230912 ----a-w- c:\windows\system32\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 183808 ----a-w- c:\windows\system32\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 160256 ----a-w- c:\windows\SysWow64\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 154112 ----a-w- c:\windows\SysWow64\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 1300480 ----a-w- c:\windows\system32\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 125440 ----a-w- c:\windows\SysWow64\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 120144 ----a-w- c:\windows\system32\drivers\msgpioclx.sys
2013-08-14 18:10 . 2013-08-14 18:10 115712 ----a-w- c:\windows\system32\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 1156096 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 1025024 ----a-w- c:\windows\system32\localspl.dll
2013-08-14 18:10 . 2013-08-14 18:10 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 341504 ----a-w- c:\windows\system32\drivers\HdAudio.sys
2013-08-14 18:10 . 2013-08-14 18:10 195416 ----a-w- c:\windows\system32\drivers\sdbus.sys
2013-08-14 18:10 . 2013-08-14 18:10 125784 ----a-w- c:\windows\system32\drivers\dumpsd.sys
2013-08-14 18:10 . 2013-08-14 18:10 119040 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-07-16 03:02 . 2013-08-16 05:43 941720 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2105621A-709F-4653-A87A-25A51EBFDF48}\gapaengine.dll
2013-07-13 06:18 . 2013-08-14 05:13 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-14 05:13 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:16 . 2013-08-14 05:13 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:15 . 2013-08-14 05:13 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-14 05:13 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-14 05:13 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-14 05:13 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-14 05:13 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-14 05:13 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-12 22:24 . 2013-07-12 22:24 850944 ----a-w- c:\windows\SysWow64\mfasfsrcsnk.dll
2013-07-12 22:24 . 2013-07-12 22:24 80896 ----a-w- c:\windows\system32\MbaeParserTask.exe
2013-07-12 22:24 . 2013-07-12 22:24 785408 ----a-w- c:\windows\system32\audiosrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 729600 ----a-w- c:\windows\system32\samsrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-12 22:24 . 2013-07-12 22:24 680960 ----a-w- c:\windows\system32\vds.exe
2013-07-12 22:24 . 2013-07-12 22:24 67584 ----a-w- c:\windows\SysWow64\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 583168 ----a-w- c:\windows\system32\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 493056 ----a-w- c:\windows\SysWow64\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 37632 ----a-w- c:\windows\system32\drivers\BthAvrcpTg.sys
2013-07-12 22:24 . 2013-07-12 22:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 337152 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2013-07-12 22:24 . 2013-07-12 22:24 327936 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-12 22:24 . 2013-07-12 22:24 2391280 ----a-w- c:\windows\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 213248 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2013-07-12 22:24 . 2013-07-12 22:24 2106176 ----a-w- c:\windows\SysWow64\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 207872 ----a-w- c:\windows\system32\DeviceSetupManager.dll
2013-07-12 22:24 . 2013-07-12 22:24 190976 ----a-w- c:\windows\system32\vdsutil.dll
2013-07-12 22:24 . 2013-07-12 22:24 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1527808 ----a-w- c:\windows\system32\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1453568 ----a-w- c:\windows\SysWow64\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1403296 ----a-w- c:\windows\system32\winload.efi
2013-07-12 22:24 . 2013-07-12 22:24 1271584 ----a-w- c:\windows\system32\winload.exe
2013-07-12 22:24 . 2013-07-12 22:24 1217352 ----a-w- c:\windows\system32\winresume.efi
2013-07-12 22:24 . 2013-07-12 22:24 1093904 ----a-w- c:\windows\system32\winresume.exe
2013-07-12 22:24 . 2013-07-12 22:24 106496 ----a-w- c:\windows\system32\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 1048576 ----a-w- c:\windows\system32\mfasfsrcsnk.dll
2013-07-02 00:44 . 2013-08-14 05:13 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-14 05:13 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-03-13 07:03 . 2013-03-13 07:03 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
2009-09-27 07:39 369152 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [BU]
"PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2013-01-22 505096]
"PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2013-01-22 373784]
"msloeghSrv"="c:\windows\inf\msloegh.vbe" [2013-08-27 1558]
"msdksfbSrv"="c:\windows\inf\msdksfb.vbe" [2013-08-27 1558]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R1 aswSnx;aswSnx; [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys;c:\windows\SYSNATIVE\DRIVERS\thdudf.sys [x]
R3 aswVmm;aswVmm; [x]
R3 athur;Qualcomm Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuw8x.sys;c:\windows\SYSNATIVE\DRIVERS\athuw8x.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSP;aswSP; [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/03/18 13:11];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-19 20:51 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 17:04]
.
2013-09-25 c:\windows\Tasks\HPCeeScheduleForJiri.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-09-19 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-19 1425408]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.downha.com/vb/members/downha1398/
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
mStart Page = hxxp://www.bing.com?pc=HPDTDFJS
IE: E&xportovat do aplikace Microsoft Excel
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.128.1 82.144.129.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-09-25 22:45; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-09-25 22:55:19
ComboFix-quarantined-files.txt 2013-09-25 20:55
ComboFix2.txt 2013-09-25 20:01
ComboFix3.txt 2013-09-25 18:37
ComboFix4.txt 2013-09-25 17:28
ComboFix5.txt 2013-09-25 20:51
.
Před spuštěním: 455 863 300 096 bytes free
Po spuštění: 455 797 743 616 bytes free
.
- - End Of File - - 52244338C646B6AADDCDF8D2224C4CD0

Locked