Prosím o kontrolu logu

Zpráva

cmejlapat · #1 Příspěvek od **cmejlapat** » 02 dub 2014 13:02

Prosím o kontrolu logu.Stává se mě že nemohu nastartovat občas systém.Až na několikátý pokus.Děkuji za pomoc a ochotu.Zde výpis z RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC1 at 2014-04-02 13:57:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 853 GB (89%) free of 954 GB
Total RAM: 8097 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:03, on 2.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\PC1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [ioTablet] "C:\Genius\ioTablet\gTabTaskBar.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [TiVme Agent] C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe srec
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
O4 - Global Startup: Snagit 11.lnk = C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TabletService - Unknown owner - C:\Genius\ioTablet\TabletService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16299 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
/QuitInfo:000000000000060C;0000000000000610; /AddRef;
/QuitInfo:0000000000000668;0000000000000664; /AddRef;
/QuitInfo:0000000000000654;0000000000000670;
/loadhooks /Parent:0000000000000600
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe"
taskeng.exe {34DF0659-22E5-4A72-9CC5-0024A8A55984}
"C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Genius\ioTablet\TabletService.exe
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Genius\ioTablet\gTabletTask.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a18e90a7-0183-4d66-b09f-3a0ecd4fd4e4 -SystemEventPortName:HostProcess-72ccb7c8-7364-4d0f-aa8a-fb54907b0aa2 -IoCancelEventPortName:HostProcess-93777076-6d60-49cb-a06e-44d6ab3b9606 -NonStateChangingEventPortName:HostProcess-5b7d6936-b628-4264-8d9c-747593881f7c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:75eadef4-759e-4e2c-86df-9cddbd27b988 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe" srec
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Genius\ioTablet\gTabTaskBar.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe"
"C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
C:\Genius\ioTablet\gIoTabletFunMgm
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe"
C:\Windows\splwow64.exe 12288
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe" /X
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C3100 series#1326035356" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
{D4E01268-F6C2-4772-8DDC-237FFC3BC584}
{EA77AA91-DB6D-4885-98A4-A484D03DF167}
{2B54E2B9-67A8-4B11-8533-207E371998A7}
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {CA3F6FBF-2C20-43D2-A971-313EB8FF358B}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe36_ Global\UsGthrCtrlFltPipeMssGthrPipe36 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\PC1\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\zqjmxnz7.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\zqjmxnz7.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\zqjmxnz7.default\searchplugins\
atlascz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-14 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-14 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll [2013-08-21 643072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-14 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-14 1390368]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-14 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll [2013-08-21 643072]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-14 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-21 416024]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Nektra OEAPI"= []
"OEXPRESS"= []
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-12-16 1508408]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe [2011-04-18 131584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2010-11-08 465536]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"ioTablet"=C:\Genius\ioTablet\gTabTaskBar.exe [2012-03-23 47104]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-14 3767096]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Remote Control.lnk - C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
Snagit 11.lnk - C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe

C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"wave4"=wdmaud.drv
"wave5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-31 13:30:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-03-23 12:35:10 ----D---- C:\Windows\Minidump
2014-03-18 23:31:44 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-03-12 20:06:37 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-12 20:06:36 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-12 20:06:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-12 20:06:36 ----A---- C:\Windows\system32\win32k.sys
2014-03-12 20:06:36 ----A---- C:\Windows\system32\wer.dll
2014-03-12 20:06:36 ----A---- C:\Windows\system32\iertutil.dll
2014-03-12 20:06:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-12 20:06:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-12 20:06:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-12 20:06:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-12 20:06:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-12 20:06:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 20:06:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-12 20:06:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-12 20:06:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-12 20:06:34 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-12 20:06:34 ----A---- C:\Windows\system32\urlmon.dll
2014-03-12 20:06:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-12 20:06:34 ----A---- C:\Windows\system32\iernonce.dll
2014-03-12 20:06:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-12 20:06:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-12 20:06:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-12 20:06:33 ----A---- C:\Windows\system32\iesetup.dll
2014-03-12 20:06:33 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-12 20:06:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-12 20:06:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-12 20:06:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-12 20:06:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-12 20:06:32 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-12 20:06:32 ----A---- C:\Windows\system32\ieui.dll
2014-03-12 20:06:32 ----A---- C:\Windows\system32\ieframe.dll
2014-03-12 20:06:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-12 20:06:31 ----A---- C:\Windows\system32\wininet.dll
2014-03-12 20:06:31 ----A---- C:\Windows\system32\msrating.dll
2014-03-12 20:06:31 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-12 20:06:31 ----A---- C:\Windows\system32\jscript9.dll
2014-03-12 20:06:31 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-12 20:06:31 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-12 20:06:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 20:06:30 ----A---- C:\Windows\system32\mshtml.dll
2014-03-12 20:04:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-12 20:04:20 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-12 20:04:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-12 20:04:20 ----A---- C:\Windows\system32\qedit.dll
2014-03-04 11:31:05 ----D---- C:\rsit
2014-03-04 11:31:05 ----D---- C:\Program Files\trend micro
2014-03-04 10:39:04 ----A---- C:\Windows\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2014-04-02 13:57:58 ----D---- C:\Windows\Temp
2014-04-02 13:43:03 ----D---- C:\Users\PC1\AppData\Roaming\Skype
2014-04-02 13:42:11 ----D---- C:\Windows\system32\config
2014-04-02 12:03:54 ----SHD---- C:\System Volume Information
2014-04-02 10:22:23 ----D---- C:\Windows\Prefetch
2014-04-02 10:22:10 ----D---- C:\Windows\System32
2014-04-02 10:22:10 ----D---- C:\Windows\inf
2014-04-02 10:22:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-31 13:53:20 ----RD---- C:\Program Files (x86)
2014-03-31 13:53:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-23 13:17:29 ----D---- C:\Windows
2014-03-20 02:26:41 ----D---- C:\Přilohy z mail pošty
2014-03-18 02:06:06 ----D---- C:\Windows\system32\MRT
2014-03-18 02:03:23 ----A---- C:\Windows\system32\MRT.exe
2014-03-13 14:47:58 ----D---- C:\Windows\winsxs
2014-03-13 14:28:57 ----D---- C:\Windows\SysWOW64
2014-03-13 14:28:56 ----D---- C:\Program Files\Internet Explorer
2014-03-13 14:28:56 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 02:00:51 ----SHD---- C:\Windows\Installer
2014-03-13 02:00:51 ----HD---- C:\Config.Msi
2014-03-13 02:00:50 ----D---- C:\ProgramData\Microsoft Help
2014-03-13 01:59:08 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 01:59:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 20:04:17 ----D---- C:\Windows\system32\catroot2
2014-03-12 20:04:17 ----D---- C:\Windows\system32\catroot
2014-03-12 14:54:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-11 12:13:24 ----RD---- C:\Program Files (x86)\Skype
2014-03-05 15:26:01 ----D---- C:\Users\PC1\AppData\Roaming\Audacity
2014-03-05 14:40:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-04 11:31:05 ----RD---- C:\Program Files
2014-03-04 11:28:19 ----D---- C:\Windows\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiChargerPlus;ASUS Charger Plus Driver; C:\Windows\system32\DRIVERS\AiChargerPlus.sys [2010-11-08 14464]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-05 207904]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-08-10 120920]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 21136]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-02 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-14 1038072]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-14 421704]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-14 78648]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-09-14 129000]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-09-14 394216]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-14 80184]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 26136]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 ioFakDrv;ioVirtual Device; C:\Windows\system32\DRIVERS\ioFakDrv.sys [2010-12-15 23936]
R3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer; C:\Windows\system32\DRIVERS\ioFakMap.sys [2010-12-15 12672]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-10-12 50072]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2007-10-12 582680]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S2 CXIR;Conexant Polaris IR Transceiver; C:\Windows\system32\drivers\cxcir64.sys [2011-05-03 44032]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-03-13 51872]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CXPOLARIS;Conexant Polaris Video Capture; C:\Windows\system32\drivers\cxpolar64.sys [2011-05-03 447872]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ioTablet;Tablet Minidriver for ioTablet; C:\Windows\system32\DRIVERS\ioTablet.sys [2012-04-05 35328]
S3 ioTblMap;Mini Mapper for ioCentre; C:\Windows\system32\DRIVERS\ioTblMap.sys [2011-08-25 13200]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-05-25 966144]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tccp;tccp; C:\Windows\system32\DRIVERS\tccp.sys [2013-04-28 30264]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-14 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-02-19 239680]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2011-05-03 247152]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TabletService;TabletService; C:\Genius\ioTablet\TabletService.exe [2012-02-06 25600]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-11-30 718888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-31 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Roli** » 02 dub 2014 21:25

Zdravím, v první řadě přes Odebrat programy nebo CCleaner níže odinstaluj Spybot - SD

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Dále se mrkneme hlouběji po šmejdech a pak v rámci možností testnem hardware.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

cmejlapat · #3 Příspěvek od **cmejlapat** » 03 dub 2014 10:30

Zdravím a zde log z Combofix:
ComboFix 14-04-03.01 - PC1 03.04.2014 11:22:27.1.4 - x64
Microsoft Windows 7 Home Premium Service Pack 1 6.1.7601.1.1250.420.1033.18.8097.5599 [GMT 2:00]
Spuštěný z: c:\users\PC1\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PC1\AppData\Local\assembly\tmp
c:\windows\jestertb.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-03 do 2014-04-03 )))))))))))))))))))))))))))))))
.
.
2014-04-03 09:26 . 2014-04-03 09:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-03 09:23 . 2014-04-03 09:23 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D7EFDA83-DAB0-4C4B-8FC3-83F886FBF170}\offreg.dll
2014-04-02 13:25 . 2014-04-02 13:28 -------- d-----w- C:\AdwCleaner
2014-04-02 13:13 . 2014-04-02 13:15 -------- d-----w- c:\users\PC1\Uložené důležité soubory
2014-04-02 08:22 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D7EFDA83-DAB0-4C4B-8FC3-83F886FBF170}\mpengine.dll
2014-03-18 21:31 . 2014-03-20 00:00 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-03-12 18:04 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 18:04 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 18:04 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-12 18:04 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-05 13:38 . 2014-03-05 13:38 -------- d-----w- c:\users\Public\Foxit Software
2014-03-04 09:31 . 2014-04-02 11:57 -------- d-----w- c:\program files\trend micro
2014-03-04 09:31 . 2014-03-04 09:31 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-18 00:03 . 2011-12-08 15:23 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-12 12:54 . 2013-04-10 11:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 12:54 . 2012-01-08 10:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-14 15:33 . 2014-01-05 21:58 80184 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-02-14 15:33 . 2012-03-09 17:10 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-14 15:33 . 2012-03-09 17:10 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-14 15:33 . 2012-03-09 17:10 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-14 15:33 . 2011-12-09 09:16 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-14 15:33 . 2012-03-09 17:10 43152 ----a-w- c:\windows\avastSS.scr
2014-01-16 00:42 . 2014-01-16 00:42 608032 ----a-w- C:\SecurityScanner.dll
2014-01-05 21:58 . 2013-03-24 00:38 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-12-16 1508408]
"TiVme Agent"="c:\program files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe" [2011-04-18 131584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"ioTablet"="c:\genius\ioTablet\gTabTaskBar.exe" [2012-03-23 47104]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-02 3774312]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
c:\users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Remote Control.lnk - c:\program files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe [2012-1-13 114688]
Snagit 11.lnk - c:\program files (x86)\TechSmith\Snagit 11\Snagit32.exe [2013-2-21 9479024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CXIR;Conexant Polaris IR Transceiver;c:\windows\system32\drivers\cxcir64.sys;c:\windows\SYSNATIVE\drivers\cxcir64.sys [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 CXPOLARIS;Conexant Polaris Video Capture;c:\windows\system32\drivers\cxpolar64.sys;c:\windows\SYSNATIVE\drivers\cxpolar64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ioTablet;Tablet Minidriver for ioTablet;c:\windows\system32\DRIVERS\ioTablet.sys;c:\windows\SYSNATIVE\DRIVERS\ioTablet.sys [x]
R3 ioTblMap;Mini Mapper for ioCentre;c:\windows\system32\DRIVERS\ioTblMap.sys;c:\windows\SYSNATIVE\DRIVERS\ioTblMap.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 tccp;tccp;c:\windows\system32\DRIVERS\tccp.sys;c:\windows\SYSNATIVE\DRIVERS\tccp.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ioFakDrv;ioVirtual Device;c:\windows\system32\DRIVERS\ioFakDrv.sys;c:\windows\SYSNATIVE\DRIVERS\ioFakDrv.sys [x]
S3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer;c:\windows\system32\DRIVERS\ioFakMap.sys;c:\windows\SYSNATIVE\DRIVERS\ioFakMap.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 23:56 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-10 12:54]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 16:04]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 16:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-14 15:33 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
TCP: DhcpNameServer = 94.142.233.120 94.142.233.140
FF - ProfilePath - c:\users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\zqjmxnz7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - ExtSQL: !HIDDEN! 2012-01-08 15:30; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Nektra OEAPI - (no file)
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PhotoFiltre Studio X - c:\program files (x86)\PhotoFiltre Studio X\Uninst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-03 11:28:22
ComboFix-quarantined-files.txt 2014-04-03 09:28
.
Před spuštěním: Volných bajtů: 893 493 202 944
Po spuštění: Volných bajtů: 893 317 234 688
.
- - End Of File - - B8F3A61C1B388CA2944BAE959CC7902D

#4 Příspěvek od **Roli** » 03 dub 2014 16:39

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock::  
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Stáhni HD Tune a otestuj HDD.

Benchmark - Test disku Klikni na tlačítko Start a vyčkej dokud se nezaplní celý graf. Poté se dozvíš přenosovou rychlost a přístupový čas pevného disku.

Info Přesná kapacita, souborový systém, podporované funkce, verze firmware, sériové číslo a typ zapojení disků.

Health - Kondice Seznam důležitých parametrů a jejich hodnoty. Ideální je mít všude OK.

Když je nějaká položka žlutá pravděpodobně brzy změní status na failed. Když je červená má status failed, to by znamenalo výměnu disku.

Error Scan - Hledání chyb Klikni na tlačítko Start a program prozkoumá disk zda na něm nejsou vadné bloky.

Pokud na konci testu jsou všechny zelené, je vše v pořádku. Když je byť jeden z nich červený, doporučuji zazálohovat data a počítat s výměnou disku.

Teplota Teploměr nahoře a číslo vedle něj znázorňují teplotu disku. Normální hodnota je pod 50°C. Teplota ale nesmí přesáhnout 60°C, program upozorní když dosáhne hranice 55°C.

Stáhni MEMTEST

soubor rozbal a spusť exe soubor.

Připoj flashdisk pozor vše co na něm je bude smazáno !,

v okénku Select your USB Flash Drive vyber tento disk a dej Create.

Během chvilky se Memtest nainstaluje.

Flashdisk nech v USB, restartuj PC a nabootuj z něj.

Před tím samozřemě musíš v Bios Setup do kterého se dostaneš při restartu mačkáním klávesy :

* DEL
* F2
* F1
* F10

záleží na PC, ale vždy je to na monitoru napsáno,

otevři nabídku ADVANCED BIOS FEATURES a vyhledej Boot Devices 0 až 4 nebo Boot Sequence.

Na první místo nastav Flashdisk,

na druhé pevný disk HDD, u obou položek bývá napsán i výrobce.

Stisknutím Save většinou je to F10 a potvrzením Entrem uložíš nastavení,

pak ještě stisknutím Save and Exit se dostaneš z Biosu.

Test nech projet minimálně jednou, ideálně však několikrát třeba přes noc a s každým RAM modulem zvlášť.

Pak dej vědět jak vše to dopadlo.

cmejlapat · #5 Příspěvek od **cmejlapat** » 04 dub 2014 13:18

Zde log z Combofix a ostatní provedu po něm.

ComboFix 14-04-03.01 - PC1 04.04.2014 14:13:15.2.4 - x64
Microsoft Windows 7 Home Premium Service Pack 1 6.1.7601.1.1250.420.1033.18.8097.5632 [GMT 2:00]
Spuštěný z: c:\users\PC1\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC1\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-04 do 2014-04-04 )))))))))))))))))))))))))))))))
.
.
2014-04-04 12:17 . 2014-04-04 12:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-04 11:59 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4D8D9F5-2251-4C2F-AEC4-B49779813FE7}\mpengine.dll
2014-04-03 09:28 . 2014-04-03 09:28 -------- d-----w- c:\users\ovladače soft\AppData
2014-04-02 13:25 . 2014-04-02 13:28 -------- d-----w- C:\AdwCleaner
2014-04-02 13:13 . 2014-04-02 13:15 -------- d-----w- c:\users\PC1\Uložené důležité soubory
2014-03-18 21:31 . 2014-03-20 00:00 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-03-12 18:04 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-12 18:04 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-12 18:04 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-12 18:04 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-05 13:38 . 2014-03-05 13:38 -------- d-----w- c:\users\Public\Foxit Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-18 00:03 . 2011-12-08 15:23 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-12 12:54 . 2013-04-10 11:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 12:54 . 2012-01-08 10:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-14 15:33 . 2014-01-05 21:58 80184 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-02-14 15:33 . 2012-03-09 17:10 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-14 15:33 . 2012-03-09 17:10 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-14 15:33 . 2012-03-09 17:10 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-14 15:33 . 2011-12-09 09:16 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-14 15:33 . 2012-03-09 17:10 43152 ----a-w- c:\windows\avastSS.scr
2014-01-16 00:42 . 2014-01-16 00:42 608032 ----a-w- C:\SecurityScanner.dll
2014-01-05 21:58 . 2013-03-24 00:38 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-12-16 1508408]
"TiVme Agent"="c:\program files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe" [2011-04-18 131584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"ioTablet"="c:\genius\ioTablet\gTabTaskBar.exe" [2012-03-23 47104]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-02 3774312]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
c:\users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Remote Control.lnk - c:\program files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe [2012-1-13 114688]
Snagit 11.lnk - c:\program files (x86)\TechSmith\Snagit 11\Snagit32.exe [2013-2-21 9479024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CXIR;Conexant Polaris IR Transceiver;c:\windows\system32\drivers\cxcir64.sys;c:\windows\SYSNATIVE\drivers\cxcir64.sys [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 CXPOLARIS;Conexant Polaris Video Capture;c:\windows\system32\drivers\cxpolar64.sys;c:\windows\SYSNATIVE\drivers\cxpolar64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ioTablet;Tablet Minidriver for ioTablet;c:\windows\system32\DRIVERS\ioTablet.sys;c:\windows\SYSNATIVE\DRIVERS\ioTablet.sys [x]
R3 ioTblMap;Mini Mapper for ioCentre;c:\windows\system32\DRIVERS\ioTblMap.sys;c:\windows\SYSNATIVE\DRIVERS\ioTblMap.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 tccp;tccp;c:\windows\system32\DRIVERS\tccp.sys;c:\windows\SYSNATIVE\DRIVERS\tccp.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ioFakDrv;ioVirtual Device;c:\windows\system32\DRIVERS\ioFakDrv.sys;c:\windows\SYSNATIVE\DRIVERS\ioFakDrv.sys [x]
S3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer;c:\windows\system32\DRIVERS\ioFakMap.sys;c:\windows\SYSNATIVE\DRIVERS\ioFakMap.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 23:56 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-10 12:54]
.
2014-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 16:04]
.
2014-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-08 16:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-14 15:33 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\users\PC1\Downloads\PC-Translator-2012--(6.1.2012)-Cz\TRANSLAT12\WebIE.dll
TCP: DhcpNameServer = 94.142.233.120 94.142.233.140
FF - ProfilePath - c:\users\PC1\AppData\Roaming\Mozilla\Firefox\Profiles\zqjmxnz7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - ExtSQL: !HIDDEN! 2012-01-08 15:30; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Celkový čas: 2014-04-04 14:18:36
ComboFix-quarantined-files.txt 2014-04-04 12:18
ComboFix2.txt 2014-04-03 09:28
.
Před spuštěním: Volných bajtů: 897 079 181 312
Po spuštění: Volných bajtů: 896 618 143 744
.
- - End Of File - - 6792BF4126A6F1ADC8477FE4E1B8E4C6

cmejlapat · #6 Příspěvek od **cmejlapat** » 04 dub 2014 16:43

HD Tune jsme udělali.Jen v položce health se po Benchmarku nic neobjevilo a je tam prázná stránka. A v error scan bylo vše zelené tedy ok.Teď ještě uděláme ten Memtest.

cmejlapat · #7 Příspěvek od **cmejlapat** » 04 dub 2014 20:57

Ten memtest jsem spustil ale po otevření nemohl nalézt písmeno K pod kterým je Flash disk.Stáhnul jsem novější verzi memtestu a tak už jednotku viděl.Ale bylo tam mnoho funkcí a voleb tak trochu zmatek.Tak jsem vypálil img soubor na cd a pokusím se nabootovat z cd.Doufejme.Ozvu se a děkuji.

#8 Příspěvek od **Roli** » 04 dub 2014 21:03

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Návod na Memtest z CD

Stáhni MEMTEST

soubor rozbal a obraz (ISO) vypal jako z image CD, nikoliv jako data.

V Bios Setup do kterého se dostaneš při restartu mačkáním klávesy :

* DEL
* F2
* F1
* F10

záleží na PC, ale vždy je to na monitoru napsáno,

otevři nabídku ADVANCED BIOS FEATURES a vyhledej Boot Devices 0 až 4 nebo Boot Sequence.

Na první místo nastav CD-ROM,

na druhé pevný disk HDD, u obou položek bývá napsán i výrobce.

Stisknutím Save většinou je to F10 a potvrzením Entrem uložíš nastavení,

pak ještě stisknutím Save and Exit se dostaneš z Biosu.

Vlož CD z Memetestem do mechaniky a po restartu z něj PC nabootuje.

Test nech projet minimálně jednou, ideálně však několikrát třeba přes noc a s každým RAM modulem zvlášť.

cmejlapat · #9 Příspěvek od **cmejlapat** » 07 dub 2014 16:41

dobrý den.Memtest běžel snad 12 hodin a moc tomu nerozumím.Žádný výběr mě to nedalo a po spuštění to hn ed běželo.Pak to napsalo po 11 hod něco že 100% a snad žádná chyba ale zas to začalo běžet znova a tak jsem dal storno.

#10 Příspěvek od **Roli** » 07 dub 2014 20:41

Ano Memtest jede pořád dokola dokud ho nestopneš.

To tedy znamená, že hardware který jsme mohli takhle na dálku testnout je v pořádku.

Vyskočí nějaká chyba když systém najíždí až na několikátý pokus ?

cmejlapat · #11 Příspěvek od **cmejlapat** » 09 dub 2014 12:51

ne.jen nabíhalo spuštění windows a najednou černá obrazovka.Teď to momentálně startuje bez problémů.Několikrát jsem je spustil a prozatím ok.

#12 Příspěvek od **Roli** » 09 dub 2014 18:49

cmejlapat píše:Teď to momentálně startuje bez problémů.Několikrát jsem je spustil a prozatím ok.

Tak PC ještě nějaký den pozoruj a pak dej vědět.

cmejlapat · #13 Příspěvek od **cmejlapat** » 24 dub 2014 15:54

omlouvám se za pozdní reakci ale chtěl jsem několik dnů pozorovat.Nějaký čas to dalo pokoj, ale dnes opět po startu černá obrazovka,tak jsem restartoval a naběhla nabídka dosu a tak jsem zvolil normální spuštění.V protokolu událostí je výpis: Systém se znovu restartoval, aniž by se předtím zcela vypnul. Tato chyba mohla být způsobena tím, že systém přestal reagovat, selhal nebo že došlo k neočekávané ztrátě napájení..Tak nevím.Možná zkusit teplotu procesoru a zkontrolovat větrák jestli to bios nevypíná z důvodů ochrany pc proti přehřívání.

#14 Příspěvek od **Roli** » 24 dub 2014 18:23

cmejlapat píše:omlouvám se za pozdní reakci ale chtěl jsem několik dnů pozorovat

V pohodě, proto jsem psal abys mu dal nějaký čas.

cmejlapat píše:Možná zkusit teplotu procesoru a zkontrolovat větrák jestli to bios nevypíná z důvodů ochrany pc proti přehřívání.

No můžeš otevřít skříň PC a stlačeným vzduchem odstranit prach ze všech komponent.

Ještě kouknem zda je tam záznam proč to padá.

Použij, WhoCrashed

po spuštění klikni v levo nahoře na Analyze,

aplikace po chvilce ve svém okně níže pod Crash Dump Analysis vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.

cmejlapat · #15 Příspěvek od **cmejlapat** » 27 dub 2014 15:03

Žádnou zprávu crash nenapsal.viz screenshot obrazovky v příloze.

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu