Log check because of the disk

#1 Post by Thor »

Hello,

I would like to ask you to check my RSIT log, because I have doubts about my disk :) It somehow freezes when I write a message on Facebook. Or rather, the cursor freezes while I'm typing. That's why I'd like to have it checked.

Thank you :idea:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mike at 2014-04-06 23:42:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 46 GB (45%) free of 102 GB
Total RAM: 8136 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:42:30, on 6.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Mike\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Program Files\trend micro\Mike.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: MEGAsync.lnk = Mike\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10298 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"taskhost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
WLIDSvcM.exe 2488
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "66153568688885057510771102251926937204-1324615496-21078296733188934292718659
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#hp psc 1310 series#1392043826" -Startup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
explorer.exe
C:\Users\Mike\AppData\Local\MEGAsync\MEGAsync.exe
"C:\Program Files\The KMPlayer\KMPlayer.exe" "D:\uTorrent\---Serials---\Grimm\Season 1\Grimm.S01E02.720p.BluRay.X264-CLUE.mkv"
taskeng.exe {D7291D06-B427-4D3B-8B82-5D1CF2879917}
"C:\Users\Mike\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-02 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-02 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-06 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2014-02-08 206176]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-02-08 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-02-08 5908928]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2014-02-08 789920]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-30 442328]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-21 2712360]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-28 11786344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-12 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-02 3854640]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
MEGAsync.lnk - C:\Users\Mike\AppData\Local\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-06 23:42:25 ----D---- C:\rsit
2014-04-06 23:42:25 ----D---- C:\Program Files\trend micro
2014-04-06 10:33:19 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-04-06 10:33:14 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-04-06 10:33:14 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-04-06 10:33:14 ----A---- C:\Windows\SYSWOW64\java.exe
2014-04-06 10:33:08 ----D---- C:\Program Files (x86)\Java
2014-04-06 09:57:32 ----AD---- C:\ProgramData\TEMP
2014-04-06 09:57:19 ----D---- C:\Program Files (x86)\Optimizer Pro
2014-04-02 15:24:19 ----A---- C:\Windows\avastSS.scr
2014-04-01 19:49:42 ----D---- C:\ProgramData\Steam
2014-03-31 20:25:10 ----D---- C:\Windows\cs
2014-03-31 20:24:58 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-31 20:24:45 ----D---- C:\Program Files (x86)\Windows Live
2014-03-29 20:44:58 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-03-29 20:44:55 ----D---- C:\Users\Mike\AppData\Roaming\SystemRequirementsLab
2014-03-24 20:13:47 ----D---- C:\Program Files (x86)\LocK-A-FoLdeR
2014-03-22 01:06:42 ----D---- C:\Windows\SYSWOW64\NV
2014-03-22 01:06:42 ----D---- C:\Windows\system32\NV
2014-03-22 01:03:00 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-03-22 01:03:00 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-03-22 01:03:00 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-03-22 01:03:00 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-03-22 01:03:00 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-03-22 01:03:00 ----A---- C:\Windows\system32\nvopencl.dll
2014-03-22 01:03:00 ----A---- C:\Windows\system32\nvoglv64.dll
2014-03-22 01:03:00 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-03-22 01:03:00 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-03-22 01:03:00 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-03-22 01:02:59 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\NvIFR64.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\NvFBC64.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvdispgenco6433523.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvdispco6433523.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvcuvid.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvcuda.dll
2014-03-22 01:02:59 ----A---- C:\Windows\system32\nvcompiler.dll
2014-03-19 07:11:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-03-19 07:11:05 ----A---- C:\Windows\system32\mstscax.dll
2014-03-19 00:29:10 ----D---- C:\ProgramData\Energy Management
2014-03-18 16:53:01 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-18 16:52:57 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-18 16:52:57 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-18 16:52:57 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-03-18 16:52:56 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-03-18 16:52:56 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-03-18 16:52:56 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-03-18 16:52:56 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-03-18 16:52:56 ----A---- C:\Windows\system32\wksprtPS.dll
2014-03-18 16:52:56 ----A---- C:\Windows\system32\wksprt.exe
2014-03-18 16:52:56 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-03-18 16:52:56 ----A---- C:\Windows\system32\tsgqec.dll
2014-03-18 16:52:56 ----A---- C:\Windows\system32\mstsc.exe
2014-03-18 16:52:56 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-03-18 16:52:55 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-03-18 16:52:55 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-03-18 16:46:36 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-03-18 16:46:36 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-03-18 15:49:20 ----D---- C:\Users\Mike\AppData\Roaming\Malwarebytes
2014-03-18 15:49:12 ----D---- C:\ProgramData\Malwarebytes
2014-03-18 15:49:11 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-03-18 15:49:10 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-13 10:38:37 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-13 10:38:36 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-13 10:38:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-13 10:38:36 ----A---- C:\Windows\system32\win32k.sys
2014-03-13 10:38:36 ----A---- C:\Windows\system32\wer.dll
2014-03-13 10:38:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-13 10:38:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-13 10:38:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-13 10:38:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-13 10:38:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-13 10:38:35 ----A---- C:\Windows\system32\iertutil.dll
2014-03-13 10:38:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 10:38:34 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-13 10:38:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-13 10:38:33 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-13 10:38:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-13 10:38:33 ----A---- C:\Windows\system32\urlmon.dll
2014-03-13 10:38:33 ----A---- C:\Windows\system32\iernonce.dll
2014-03-13 10:38:33 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-13 10:38:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-13 10:38:32 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-13 10:38:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-13 10:38:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-13 10:38:31 ----A---- C:\Windows\system32\iesetup.dll
2014-03-13 10:38:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-13 10:38:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-13 10:38:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-13 10:38:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-13 10:38:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-13 10:38:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-13 10:38:29 ----A---- C:\Windows\system32\ieui.dll
2014-03-13 10:38:29 ----A---- C:\Windows\system32\ieframe.dll
2014-03-13 10:38:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-13 10:38:28 ----A---- C:\Windows\system32\jscript9.dll
2014-03-13 10:38:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-13 10:38:28 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-13 10:38:27 ----A---- C:\Windows\system32\wininet.dll
2014-03-13 10:38:27 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 10:38:27 ----A---- C:\Windows\system32\msrating.dll
2014-03-13 10:38:26 ----A---- C:\Windows\system32\mshtml.dll
2014-03-13 10:38:03 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-13 10:38:03 ----A---- C:\Windows\system32\qedit.dll
2014-03-13 10:38:02 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-13 10:38:02 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-13 02:01:20 ----A---- C:\Windows\iun6002.exe
2014-03-13 01:49:36 ----D---- C:\Program Files (x86)\VideoLAN
2014-03-13 01:39:20 ----D---- C:\Program Files (x86)\Uniblue
2014-03-13 01:36:58 ----D---- C:\Program Files (x86)\Windows Media Player
2014-03-11 21:38:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-03-10 03:07:40 ----D---- C:\Users\Mike\AppData\Roaming\Oracle
2014-03-10 03:07:33 ----D---- C:\Windows\Sun
2014-03-10 03:07:27 ----D---- C:\ProgramData\Oracle
2014-03-10 03:07:25 ----D---- C:\ProgramData\Sun
2014-03-10 02:55:42 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-03-10 02:52:12 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-03-10 02:52:12 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-03-10 02:52:12 ----A---- C:\Windows\system32\nvdispco6433489.dll

======List of files/folders modified in the last 1 month======

2014-04-06 23:42:25 ----RD---- C:\Program Files
2014-04-06 23:18:09 ----D---- C:\Program Files\The KMPlayer
2014-04-06 23:17:26 ----D---- C:\Windows\Temp
2014-04-06 22:41:15 ----D---- C:\Users\Mike\AppData\Roaming\Dropbox
2014-04-06 21:30:52 ----D---- C:\Users\Mike\AppData\Roaming\XnView
2014-04-06 19:13:47 ----D---- C:\Windows
2014-04-06 11:52:56 ----HD---- C:\ProgramData
2014-04-06 11:48:32 ----RD---- C:\Users
2014-04-06 11:25:49 ----D---- C:\Windows\system32\config
2014-04-06 11:16:15 ----D---- C:\Windows\System32
2014-04-06 11:16:15 ----D---- C:\Windows\inf
2014-04-06 11:16:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-06 11:13:57 ----A---- C:\Windows\SYSWOW64\log.txt
2014-04-06 11:11:02 ----HD---- C:\Config.Msi
2014-04-06 10:37:36 ----SHD---- C:\Windows\Installer
2014-04-06 10:37:36 ----D---- C:\Windows\SysWOW64
2014-04-06 10:36:48 ----D---- C:\Users\Mike\AppData\Roaming\Skype
2014-04-06 10:34:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-06 10:33:22 ----D---- C:\Program Files (x86)\Common Files
2014-04-06 10:33:08 ----RD---- C:\Program Files (x86)
2014-04-06 10:29:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-02 15:24:23 ----D---- C:\Windows\system32\Tasks
2014-04-02 15:24:19 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-01 23:09:56 ----D---- C:\Users\Mike\AppData\Roaming\DAEMON Tools Lite
2014-04-01 01:19:15 ----D---- C:\Users\Mike\AppData\Roaming\uTorrent
2014-04-01 01:19:14 ----D---- C:\Windows\Logs
2014-03-31 20:25:13 ----RSD---- C:\Windows\assembly
2014-03-31 20:25:12 ----D---- C:\Windows\winsxs
2014-03-31 20:24:49 ----SD---- C:\ProgramData\Microsoft
2014-03-29 23:08:16 ----D---- C:\Windows\system32\wdi
2014-03-29 22:59:54 ----D---- C:\Windows\system32\catroot
2014-03-29 20:47:33 ----D---- C:\Windows\system32\drivers
2014-03-29 20:47:31 ----D---- C:\Windows\system32\DriverStore
2014-03-24 00:24:18 ----D---- C:\Windows\system32\drivers\UMDF
2014-03-22 19:35:04 ----D---- C:\Windows\rescache
2014-03-22 01:06:40 ----D---- C:\ProgramData\NVIDIA
2014-03-19 12:05:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-03-19 12:05:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-03-19 12:05:56 ----D---- C:\Windows\system32\en-US
2014-03-19 12:05:56 ----D---- C:\Windows\system32\cs-CZ
2014-03-19 07:02:39 ----D---- C:\Windows\system32\catroot2
2014-03-19 02:30:43 ----D---- C:\Windows\debug
2014-03-19 00:27:06 ----D---- C:\Windows\SYSWOW64\wbem
2014-03-19 00:27:06 ----D---- C:\Windows\system32\wbem
2014-03-19 00:27:06 ----D---- C:\Windows\system32\drivers\en-US
2014-03-18 16:52:46 ----D---- C:\ProgramData\Microsoft Help
2014-03-18 16:52:22 ----D---- C:\Windows\system32\MRT
2014-03-18 16:46:48 ----A---- C:\Windows\system32\MRT.exe
2014-03-13 18:49:21 ----D---- C:\Program Files\Internet Explorer
2014-03-13 18:49:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 18:49:16 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 18:49:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 01:42:25 ----D---- C:\Windows\Tasks
2014-03-13 01:36:58 ----D---- C:\Windows\SYSWOW64\migration
2014-03-13 01:36:58 ----D---- C:\Windows\PolicyDefinitions
2014-03-13 01:36:58 ----D---- C:\Program Files\Windows Media Player
2014-03-12 22:16:31 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-03-10 18:42:42 ----D---- C:\Windows\LiveKernelReports
2014-03-10 02:55:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-02 208928]
R0 fbfmon;fbfmon; C:\Windows\system32\drivers\fbfmon.sys [2014-02-08 57952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2014-02-08 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-03-04 33736]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-02 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-02 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-02 423240]
R1 BPntDrv;BPntDrv; C:\Windows\system32\drivers\BPntDrv.sys [2014-02-08 13408]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-08 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-02 79184]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2014-02-08 29792]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-02 84816]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-29 2819560]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-11-26 11530992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2011-03-23 8199016]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-21 1413168]
S1 SASDIFSV;SASDIFSV; \??\F:\Computer\Portable Apps\SuperAntiSpyware 5.6.1014\SASDIFSV64.SYS []
S1 SASKUTIL;SASKUTIL; \??\F:\Computer\Portable Apps\SuperAntiSpyware 5.6.1014\SASKUTIL64.SYS []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cleanhlp;cleanhlp; \??\F:\COMPUTER\PORTABLE APPS\EMSISOFT EMERGENCY KIT (EEK) 3.0.0.4\RUN\cleanhlp64.sys []
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-02 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-06 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2014-01-24 1657128]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-08 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#2 Post by Márty84 »

Hello :)

:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option to open it normally.
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Select the items (tick the checkboxes) Scan All Users (Pro všechny uživatele), LOP Check (Kontrola na havěť "LOP") and Purity Check (Kontrola na havěť "Purity").
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Run Scan (Prohledat).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Thor
Visitor
Posts: 137
Registered: 13 Oct 2008 14:52

Re: Log check because of the disk

#3 Post by Thor »

:arrow: DISK INFO

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/04/09 12:10:56

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- MATSHITA DVD-RAM UJ8B1AS
- ST9500420AS

-- Disk List ---------------------------------------------------------------
(1) ST9500420AS : 500,1 GB [0/0/1, pd1] - st

----------------------------------------------------------------------------
(1) ST9500420AS
----------------------------------------------------------------------------
Model : ST9500420AS
Firmware : 0003LVM1
Serial Number : 5VJDEDXT
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/150
Power On Hours : 8767 hod.
Power On Count : 1465 krát
Temparature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 _34 00000D407CB2 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 0000000005B9 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _81 _60 _30 000009FC9D32 Počet chybných hledání
09 _90 _90 __0 E92C0000223F Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000005B9 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _69 _50 _45 00001F15001F Teplota toku vzduchu
BF 100 100 __0 00000000009B Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000001 Počet vypnutí disku
C1 _56 _56 __0 000000015EB5 Počet cyklů načítání/vymazání
C2 _31 _50 __0 000E0000001F Teplota
C3 _47 _43 __0 00000D407CB2 Počet oprav chybného čtení
C4 _91 _91 _30 642F0000212F Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------

:!: OTL :!:

During the scan this appeared - http://www.templario.own.cz/ostatni/error.jpg and the scan stopped.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#4 Post by Márty84 »

It happens now and then that OTL throws this little error :roll:

Run it once more following the same instructions, but with this modified script:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Thor
Visitor
Posts: 137
Registered: 13 Oct 2008 14:52

Re: Log check because of the disk

#5 Post by Thor »

:arrow: OTL LOG

:arrow: https://www.dropbox.com/s/rbo25niy1oot5j2/OTL.Txt

:arrow: www.templario.own.cz/ostatni/OTL.Txt

:arrow: EXTRA

OTL Extras logfile created on: 9.4.2014 21:03:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,95 Gb Total Physical Memory | 6,29 Gb Available Physical Memory | 79,18% Memory free
15,89 Gb Paging File | 13,97 Gb Available in Paging File | 87,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,05 Gb Total Space | 42,63 Gb Free Space | 42,60% Space Free | Partition Type: NTFS
Drive D: | 365,17 Gb Total Space | 158,56 Gb Free Space | 43,42% Space Free | Partition Type: NTFS

Computer Name: WOLF | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1822249150-3586501937-2317889320-1000\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C087F0-1B66-4897-95E4-92D574EC48CC}" = rport=445 | protocol=6 | dir=out | app=system |
"{09F0EDCB-2D73-4EFA-A967-D95D90F7D09D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2F103A9A-5FEC-4D28-B123-5D900A904235}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{30779375-35EE-4621-9BBD-A9F8F2F866DE}" = lport=137 | protocol=17 | dir=in | app=system |
"{4172F4D3-FE9E-4F12-8B42-2FD2FBC8E0AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{42A21D98-0A1D-4765-9945-70296B757A9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4C342A9B-B743-4A1E-8CB6-126F1196B509}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{57B9F9A6-AD35-40C1-B7CF-BE3EC951CF7F}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{59CD61E0-619A-4798-881A-35E160BB3022}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{61D971C8-8FD0-4622-A84F-299ED707F6A5}" = lport=445 | protocol=6 | dir=in | app=system |
"{6650EF52-4FD8-432B-8F24-539B065965F8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6CC4CD96-B75B-4F2C-91C7-F4FC7C0F3C37}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{723578B6-B53B-49F5-BFA8-D583980C41AB}" = rport=139 | protocol=6 | dir=out | app=system |
"{72A0C510-08CF-4EDA-A338-597343FB72E5}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{816870CB-EE75-4ED3-AB9A-67AFBE8A42C4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B73123C3-D986-494E-851A-7B29407EDBC5}" = rport=137 | protocol=17 | dir=out | app=system |
"{B766B9D3-03BB-49C4-A185-008E674EA8DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B93D0DFF-F6CC-4BEF-946E-20291DC8ED25}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E2A5E13C-2C41-4D48-85C3-659EC374467D}" = rport=138 | protocol=17 | dir=out | app=system |
"{F10F3AD2-3212-47DD-A682-3BA2F0F17BD9}" = lport=138 | protocol=17 | dir=in | app=system |
"{F365F8EB-ECFE-437C-BCC8-CC3B2E03D92E}" = lport=139 | protocol=6 | dir=in | app=system |
"{FD4B4BEA-AEB6-499B-A9AA-E618D00A2576}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001C0072-91F2-49C1-A3ED-C1F124C3D675}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{0B774CC5-9371-4C79-BB3E-D598DE7A50CA}" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
"{0BB63599-D2B7-4ADB-AA1B-553568AC6FC8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{0E6FDBB1-50AF-401C-AAC9-5B0534F2F2C5}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{128163AD-BE5E-44CF-A3A1-CD268BC8D87B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{2138BCA6-6664-4162-8F27-BCDA333D782E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{2436C0C8-8C60-4A98-97A0-DF1F320AAFDC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{2EBA9864-EE58-498A-945E-19E1BD31549C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{36F481DB-156C-40BE-9F4A-53CFC0B1427B}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{37CFA0BA-B4C6-4497-9C49-27A34DEDAE7F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{3ADD3755-2E0F-402F-AC81-3F3A224E33CD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{475F03E1-67E5-4745-BD61-25DF4EDF1519}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{4BE9EB7C-A705-40B5-B94F-A0E360C42C4C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{4C0AC91B-72F9-4A30-A4B7-3A1036F9D215}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{4CCD3454-D87F-41D1-A0E3-1E87BCC46A78}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{508934F5-EE76-4AD2-AFB6-149321A9DE6D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{51F4E8D5-A010-4F3A-81AB-DF72A5FDC6AB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{6009F5E6-CEAB-44FD-A137-B9806C3D1122}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{68EEA327-4BB4-4E0E-B83F-D0E1DC0CB01C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6EF6B7F2-872D-461B-BAA9-E31559837675}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{773287DE-E645-4597-86A9-DA7FEB5734A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7800BF1A-6A8A-4F4C-9D35-F6E13A587EAD}" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
"{7899C7A6-6A1A-4EB2-A2EB-CC9D1FF0FF74}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{794B5ED7-3E04-4CDE-9690-D28263A4BC8A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{7E454C68-BD00-4744-BB49-ED10073D1D83}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{82EC1852-E69A-4B63-AC59-37C0EBD8C930}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{84236CB2-830B-4457-97EE-29445CBBD794}" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\utorrent\utorrent.exe |
"{88FD7FA2-1DFC-4F5C-8F15-7741FDEF0E93}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{8CD9856B-2FA3-4231-9592-D1D0F861F28C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{8E0B60E3-9DEF-43B5-903F-821569B00873}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{9292961E-BBB4-40A5-B953-72B1E5A9ECC2}" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\utorrent\utorrent.exe |
"{9871DBFD-C7DE-4007-A224-D01308C40689}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{9CC765EA-E098-4A2A-ACF0-D06A169A3595}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{A2A0E473-6436-468E-BEBD-87833F5655DD}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{A5DF9592-B8AE-4197-98E4-5BFE1A257293}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A6734821-8610-4F65-98A7-0877E3D2F511}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BE1085B0-687F-4AFB-9F18-9B3C48DF4FBB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{C9D5690F-13BA-489A-85F8-8E93E372F447}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{DE77B5F8-9A54-44E5-AE49-1C91C498D7B4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{E1593C11-908A-424A-A10C-0C5C96F7AD05}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E678BDE5-6B32-4A20-9BD8-76F7FA235BCC}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{ECFBD70D-11F8-47CF-8391-FA770A369A8D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{F5E6DC4A-5543-4C12-BA87-A46EB7AF415C}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{F9597A35-1372-4CCC-BE2B-9C93D794E8C1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"TCP Query User{284320C8-A37E-4030-BDD0-DE26D97E8348}C:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{56915912-F7B4-4C5A-B181-36A208CC5D05}F:\computer\portable apps\spybot 2.0.12.0\app\spybot\sdupdate.exe" = protocol=6 | dir=in | app=f:\computer\portable apps\spybot 2.0.12.0\app\spybot\sdupdate.exe |
"UDP Query User{47683221-4E86-4228-A09F-3B82BBE7A555}F:\computer\portable apps\spybot 2.0.12.0\app\spybot\sdupdate.exe" = protocol=17 | dir=in | app=f:\computer\portable apps\spybot 2.0.12.0\app\spybot\sdupdate.exe |
"UDP Query User{7E356EA6-3EE7-4B28-A757-B0A400D789D1}C:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{177DE549-9107-4370-A840-9FC4AE8BC2BE}" = O&O Defrag Professional
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.2
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}" = SRS Control Panel
"CCleaner" = CCleaner
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4260CAAE-D108-4223-A1C5-96B67062FE86}" = Windows Live Installer
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{59307833-CB98-4440-B644-0CD352F61907}" = Windows Live PIMT Platform
"{5C1D9C2A-B542-4A21-94A4-783C5A4681DF}" = Photo Common
"{5FDED311-B6BA-4FE7-83C1-7D2F10A5AAE0}" = Windows Live Essentials
"{6093CCDD-5CC8-4C0D-A349-8807B58D19EE}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8C22A294-DBBA-445F-B55C-E26817CCFE69}" = Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F66BFDE-B213-48E2-93EF-7151277A2916}" = Windows Live SOXE Definitions
"{94532CD5-C66D-49E3-9131-5FB04D7647A1}" = Windows Live UX Platform
"{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}" = Windows Live Photo Common
"{9A0C0A74-8AC8-4216-8E1F-B9AD2E14C950}" = Movie Maker
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}" = Windows Live Communications Platform
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B4299C72-D4BF-4F29-A5A6-63294B1C0368}" = Fotogalerie
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}" = Windows Live SOXE
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DF7DC45D-8A3C-490C-A70F-8C6A6189EDF9}" = Photo Gallery
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"LocK-A-FoLdeR" = LocK-A-FoLdeR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Maxthon3" = Maxthon Cloud Browser
"MEGAsync" = MEGAsync 1.0.13
"TeamViewer 9" = TeamViewer 9
"The KMPlayer" = The KMPlayer
"VGhpZWY=_is1" = Thief
"WinLiveSuite" = Windows Live Essentials
"XnView_is1" = XnView 2.13

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1822249150-3586501937-2317889320-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9.4.2014 8:00:08 | Computer Name = Wolf | Source = Windows Search Service | ID = 9000
Description =

Error - 9.4.2014 8:00:08 | Computer Name = Wolf | Source = Windows Search Service | ID = 7040
Description =

Error - 9.4.2014 8:00:08 | Computer Name = Wolf | Source = Windows Search Service | ID = 7042
Description =

Error - 9.4.2014 8:00:08 | Computer Name = Wolf | Source = Windows Search Service | ID = 9002
Description =

Error - 9.4.2014 8:00:08 | Computer Name = Wolf | Source = Windows Search Service | ID = 3029
Description =

Error - 9.4.2014 8:00:10 | Computer Name = Wolf | Source = WinMgmt | ID = 10
Description =

Error - 9.4.2014 8:00:13 | Computer Name = Wolf | Source = Windows Search Service | ID = 3029
Description =

Error - 9.4.2014 8:00:13 | Computer Name = Wolf | Source = Windows Search Service | ID = 3028
Description =

Error - 9.4.2014 8:00:13 | Computer Name = Wolf | Source = Windows Search Service | ID = 3058
Description =

Error - 9.4.2014 8:00:13 | Computer Name = Wolf | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 9.4.2014 8:00:13 | Computer Name = Wolf | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 9.4.2014 8:00:39 | Computer Name = Wolf | Source = DCOM | ID = 10005
Description =

Error - 9.4.2014 8:00:39 | Computer Name = Wolf | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 9.4.2014 8:00:39 | Computer Name = Wolf | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 9.4.2014 8:00:40 | Computer Name = Wolf | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 9.4.2014 8:00:40 | Computer Name = Wolf | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 9.4.2014 8:00:40 | Computer Name = Wolf | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 9.4.2014 8:00:40 | Computer Name = Wolf | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 9.4.2014 8:00:40 | Computer Name = Wolf | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 9.4.2014 8:00:40 | Computer Name = Wolf | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053


< End of report >
Last edited by Thor on 09 Apr 2014 20:47, edited 2 times in total.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#6 Post by Márty84 »

:???: What about the legality of the system? Ultimate is not exactly a common home edition :?:


:arrow: Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Thor
Visitor
Posts: 137
Joined: 13 Oct 2008 14:52

Re: Log check because of the disk

#7 Post by Thor »

My Windows is legal; my parents bought it for me because the laptop came without an OS. As for MBAM, it has some new interface and it found nothing. I'll try once more, but I can't find a full scan there; there is only something like Zkontrolovat (Scan), then Vlastní (Custom) and Blesková (Quick). :James008:

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#8 Post by Márty84 »

So you already have version 2.0.

If you clicked Zkontrolovat (Scan) and it found nothing, you can uninstall it.


:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and spit out a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Thor
Visitor
Posts: 137
Joined: 13 Oct 2008 14:52

Re: Log check because of the disk

#9 Post by Thor »

# AdwCleaner v3.023 - Report created 10/04/2014 at 21:46:45
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Mike - WOLF
# Running from : C:\Users\Mike\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\uniblue

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateWebSparkle_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateWebSparkle_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Uniblue

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1609 octets] - [10/04/2014 21:45:19]
AdwCleaner[S1].txt - [1514 octets] - [10/04/2014 21:46:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1574 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#10 Post by Márty84 »

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop, right-click it and then left-click Run as administrator.
A very short test will run and then the Prohledat (Scan) button at the top right becomes available. Click it and another test will run.
When it finishes, click Zprava (Report) and a log will appear. Paste it here for me.

Thor
Visitor
Posts: 137
Joined: 13 Oct 2008 14:52

Re: Log check because of the disk

#11 Post by Thor »

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Mike [Práva správce]
Mód : Kontrola -- Datum : 04/11/2014 10:43:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] MEGAsync.exe -- C:\Users\Mike\AppData\Local\MEGAsync\MEGAsync.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Mike][SUSP PATH] MEGAsync.lnk : C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk @C:\Users\Mike\AppData\Local\MEGAsync\MEGAsync.exe [-][-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 player.kmpmedia.net


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500420AS +++++
--- User ---
[MBR] 2cf5487b2d64c12e0ec0cae8306fb75e
[BSP] 3e7976647b753170c291c121668ca871 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 1128448 | Size: 102450 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 210946048 | Size: 373938 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04112014_104322.txt >>

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#12 Post by Márty84 »

:arrow: Run RogueKiller again as administrator (if you have not closed it yet, click Smazat (Delete) right away).
A very short test will run and then the Prohledat (Scan) button at the top right becomes available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Host) and Zprava (Report).
Another log will appear. Paste that one here for me as well.

Thor
Visitor
Posts: 137
Joined: 13 Oct 2008 14:52

Re: Log check because of the disk

#13 Post by Thor »

:arrow: ZPRAVA (REPORT)

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Mike [Práva správce]
Mód : Odebrat -- Datum : 04/11/2014 15:13:52
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Mike][SUSP PATH] MEGAsync.lnk : C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk @C:\Users\Mike\AppData\Local\MEGAsync\MEGAsync.exe [-][-] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 player.kmpmedia.net


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500420AS +++++
--- User ---
[MBR] 2cf5487b2d64c12e0ec0cae8306fb75e
[BSP] 3e7976647b753170c291c121668ca871 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 1128448 | Size: 102450 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 210946048 | Size: 373938 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04112014_151352.txt >>
RKreport[0]_S_04112014_104322.txt;RKreport[0]_S_04112014_151139.txt


:arrow: OPRAVA HOST (HOSTS FIX) LOG

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Mike [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/11/2014 15:16:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 player.kmpmedia.net


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_04112014_151622.txt >>
RKreport[0]_D_04112014_151352.txt;RKreport[0]_S_04112014_104322.txt;RKreport[0]_S_04112014_151139.txt

Márty84
VIP
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check because of the disk

#14 Post by Márty84 »

:!: If you have not done so yet, back up your important data (photos, documents, etc.) to be safe :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
Do not run anything or click anywhere while the scan is running.
When the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration.
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Thor
Visitor
Visitor
Posts: 137
Registered: 13 Oct 2008 14:52

Re: Log check because of the disk

#15 Post by Thor »

ComboFix 14-04-09.02 - Mike 11.04.2014 16:48:40.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8136.6628 [GMT 2:00]
Spuštěný z: c:\users\Mike\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-11 do 2014-04-11 )))))))))))))))))))))))))))))))
.
.
2014-04-11 14:53 . 2014-04-11 14:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-10 08:14 . 2014-04-10 18:04 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-10 08:13 . 2014-04-10 08:14 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-10 08:13 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-10 08:13 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-09 10:16 . 2014-04-09 19:05 512 ----a-w- C:\PhysicalMBR.bin
2014-04-08 19:16 . 2014-04-08 19:16 -------- d-----w- c:\program files (x86)\TeamViewer
2014-04-06 21:42 . 2014-04-06 21:42 -------- d-----w- c:\program files\trend micro
2014-04-06 09:52 . 2014-04-06 09:52 -------- d-----w- c:\users\Mike\AppData\Local\Mega Limited
2014-04-06 09:52 . 2014-04-06 09:52 -------- d-----w- c:\users\Mike\AppData\Local\MEGAsync
2014-04-06 08:33 . 2014-04-06 08:33 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-04-06 08:33 . 2014-04-06 08:33 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-06 08:33 . 2014-04-06 08:33 -------- d-----w- c:\program files (x86)\Java
2014-04-02 13:24 . 2014-04-02 13:24 43152 ----a-w- c:\windows\avastSS.scr
2014-04-01 17:49 . 2014-04-01 17:49 -------- d-----w- c:\programdata\Steam
2014-03-31 18:25 . 2014-03-31 18:25 -------- d-----w- c:\windows\cs
2014-03-31 18:24 . 2014-03-31 18:24 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-03-31 18:24 . 2014-03-31 18:24 -------- d-----w- c:\program files (x86)\Windows Live
2014-03-31 18:23 . 2014-03-31 18:28 -------- d-----w- c:\users\Mike\AppData\Local\Windows Live
2014-03-31 18:22 . 2014-03-31 18:22 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2014-03-29 18:44 . 2014-03-29 18:44 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-03-29 18:44 . 2014-03-29 18:44 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab
2014-03-24 18:13 . 2014-03-24 18:13 -------- d-----w- c:\program files (x86)\LocK-A-FoLdeR
2014-03-21 23:06 . 2014-03-21 23:06 -------- d-----w- c:\windows\SysWow64\NV
2014-03-21 23:06 . 2014-03-21 23:06 -------- d-----w- c:\windows\system32\NV
2014-03-21 23:03 . 2014-03-04 14:35 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-03-21 23:03 . 2014-03-04 14:35 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-03-21 23:03 . 2014-03-04 14:35 33736 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2014-03-21 23:03 . 2014-03-04 14:35 31474976 ----a-w- c:\windows\system32\nvoglv64.dll
2014-03-21 23:03 . 2014-03-04 14:35 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-03-21 23:03 . 2014-03-04 14:35 23716640 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-03-21 23:03 . 2014-03-04 14:35 18302384 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-03-21 23:03 . 2014-03-04 14:35 15783992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-03-21 23:03 . 2014-03-04 14:35 12708128 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-03-21 23:03 . 2014-03-04 14:35 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-03-19 05:11 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-19 05:11 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-18 22:29 . 2014-03-18 22:29 -------- d-----w- c:\programdata\Energy Management
2014-03-18 14:53 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-03-18 14:46 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-03-18 14:46 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-03-18 13:49 . 2014-04-10 08:14 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes
2014-03-18 13:49 . 2014-04-10 08:14 -------- d-----w- c:\programdata\Malwarebytes
2014-03-18 13:49 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-13 00:01 . 2014-03-13 00:00 737280 ----a-w- c:\windows\iun6002.exe
2014-03-12 23:49 . 2014-03-16 23:18 -------- d-----w- c:\program files (x86)\VideoLAN
2014-03-12 21:48 . 2014-03-12 22:03 -------- d-----w- c:\users\Mike\AppData\Local\NFS Underground 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-10 19:56 . 2014-02-08 19:01 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-10 19:56 . 2014-02-08 19:01 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-09 10:49 . 2014-02-08 14:05 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-04-02 13:24 . 2014-02-08 18:44 84816 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-02 13:24 . 2014-02-08 18:44 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-02 13:24 . 2014-02-08 18:44 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-02 13:24 . 2014-02-08 18:44 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-02 13:24 . 2014-02-08 18:44 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-02 13:24 . 2014-02-08 18:44 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-02 13:24 . 2014-02-08 18:44 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-02 13:24 . 2014-02-08 18:44 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-31 18:24 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-03-11 19:38 . 2014-03-11 19:38 5777288 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-03-04 14:35 . 2014-03-10 00:52 14709720 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2014-02-08 13:55 947808 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2014-02-08 13:55 832936 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-03-04 14:35 . 2014-02-08 13:55 3093280 ----a-w- c:\windows\system32\nvapi64.dll
2014-03-04 14:35 . 2014-02-08 13:55 174296 ----a-w- c:\windows\system32\nvinitx.dll
2014-03-04 14:35 . 2014-02-08 13:55 148016 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-03-04 13:06 . 2014-02-08 14:03 6714312 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2014-02-08 14:03 3497816 ----a-w- c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2014-02-08 14:03 922968 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2014-02-08 14:03 64968 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2014-02-08 14:03 607064 ----a-w- c:\windows\SysWow64\oemdspif.dll
2014-03-04 13:05 . 2014-02-08 14:03 2558808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2014-02-08 14:03 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-03-04 13:05 . 2014-02-08 14:03 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2014-02-08 14:03 1075032 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-03-04 13:05 . 2014-02-08 14:03 3649185 ----a-w- c:\windows\system32\nvcoproc.bin
2014-03-04 09:17 . 2014-04-09 10:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-02-08 19:04 . 2014-02-08 19:04 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-02-08 18:34 . 2014-03-10 00:52 1885472 ----a-w- c:\windows\system32\nvdispco6433489.dll
2014-02-08 18:34 . 2014-03-10 00:52 1515296 ----a-w- c:\windows\system32\nvdispgenco6433489.dll
2014-02-08 17:30 . 2014-02-08 17:30 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-02-08 17:30 . 2014-02-08 17:30 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-02-08 17:30 . 2014-02-08 17:30 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-02-08 17:30 . 2014-02-08 17:30 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-02-08 17:30 . 2014-02-08 17:30 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-02-08 17:30 . 2014-02-08 17:30 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-02-08 17:30 . 2014-02-08 17:30 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-02-08 17:30 . 2014-02-08 17:30 81408 ----a-w- c:\windows\system32\icardie.dll
2014-02-08 17:30 . 2014-02-08 17:30 774144 ----a-w- c:\windows\system32\jscript.dll
2014-02-08 17:30 . 2014-02-08 17:30 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-02-08 17:30 . 2014-02-08 17:30 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-02-08 17:30 . 2014-02-08 17:30 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-02-08 17:30 . 2014-02-08 17:30 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-02-08 17:30 . 2014-02-08 17:30 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-02-08 17:30 . 2014-02-08 17:30 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-02-08 17:30 . 2014-02-08 17:30 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-02-08 17:30 . 2014-02-08 17:30 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-02-08 17:30 . 2014-02-08 17:30 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-02-08 17:30 . 2014-02-08 17:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-02-08 17:30 . 2014-02-08 17:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-02-08 17:30 . 2014-02-08 17:30 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-02-08 17:30 . 2014-02-08 17:30 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-02-08 17:30 . 2014-02-08 17:30 413696 ----a-w- c:\windows\system32\html.iec
2014-02-08 17:30 . 2014-02-08 17:30 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-02-08 17:30 . 2014-02-08 17:30 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-02-08 17:30 . 2014-02-08 17:30 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-02-08 17:30 . 2014-02-08 17:30 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-02-08 17:30 . 2014-02-08 17:30 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-08 17:30 . 2014-02-08 17:30 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-02-08 17:30 . 2014-02-08 17:30 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-02-08 17:30 . 2014-02-08 17:30 247808 ----a-w- c:\windows\system32\msls31.dll
2014-02-08 17:30 . 2014-02-08 17:30 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-02-08 17:30 . 2014-02-08 17:30 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-02-08 17:30 . 2014-02-08 17:30 235520 ----a-w- c:\windows\system32\url.dll
2014-02-08 17:30 . 2014-02-08 17:30 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-02-08 17:30 . 2014-02-08 17:30 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-02-08 17:30 . 2014-02-08 17:30 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-02-08 17:30 . 2014-02-08 17:30 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-02-08 17:30 . 2014-02-08 17:30 147968 ----a-w- c:\windows\system32\occache.dll
2014-02-08 17:30 . 2014-02-08 17:30 143872 ----a-w- c:\windows\system32\wextract.exe
2014-02-08 17:30 . 2014-02-08 17:30 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-02-08 17:30 . 2014-02-08 17:30 13824 ----a-w- c:\windows\system32\mshta.exe
2014-02-08 17:30 . 2014-02-08 17:30 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-02-08 17:30 . 2014-02-08 17:30 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-02-08 17:30 . 2014-02-08 17:30 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-02-08 17:30 . 2014-02-08 17:30 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-02-08 17:30 . 2014-02-08 17:30 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-02-08 17:30 . 2014-02-08 17:30 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-02-08 17:30 . 2014-02-08 17:30 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-02-08 17:30 . 2014-02-08 17:30 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-02-08 17:30 . 2014-02-08 17:30 101376 ----a-w- c:\windows\system32\inseng.dll
2014-02-08 14:55 . 2014-02-08 14:55 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-02-08 14:55 . 2014-02-08 14:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-02-08 14:55 . 2014-02-08 14:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-08 14:55 . 2014-02-08 14:55 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-01-20 06:04 460288 ----a-w- c:\users\Mike\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-01-20 06:04 460288 ----a-w- c:\users\Mike\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-01-20 06:04 460288 ----a-w- c:\users\Mike\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-02 3854640]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 33508336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R1 SASDIFSV;SASDIFSV;f:\computer\Portable Apps\SuperAntiSpyware 5.6.1014\SASDIFSV64.SYS;f:\computer\Portable Apps\SuperAntiSpyware 5.6.1014\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;f:\computer\Portable Apps\SuperAntiSpyware 5.6.1014\SASKUTIL64.SYS;f:\computer\Portable Apps\SuperAntiSpyware 5.6.1014\SASKUTIL64.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 cleanhlp;cleanhlp;f:\computer\PORTABLE APPS\EMSISOFT EMERGENCY KIT (EEK) 3.0.0.4\RUN\cleanhlp64.sys;f:\computer\PORTABLE APPS\EMSISOFT EMERGENCY KIT (EEK) 3.0.0.4\RUN\cleanhlp64.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 14:56 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-08 19:56]
.
2014-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 13:40]
.
2014-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-08 13:40]
.
2014-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1822249150-3586501937-2317889320-1000Core.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-08 16:55]
.
2014-04-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1822249150-3586501937-2317889320-1000UA.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-08 16:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-01-19 13:36 468480 ----a-w- c:\users\Mike\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-01-19 13:36 468480 ----a-w- c:\users\Mike\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-01-19 13:36 468480 ----a-w- c:\users\Mike\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-02 13:24 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2014-02-08 206176]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2014-02-08 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2014-02-08 5908928]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2014-02-08 789920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.192.12.1 208.67.222.222
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-11 16:54:44
ComboFix-quarantined-files.txt 2014-04-11 14:54
.
Před spuštěním: Volných bajtů: 45 900 292 096
Po spuštění: Volných bajtů: 45 615 022 080
.
- - End Of File - - E9CEDD1AB0C2F0287FE1965837D0B53E

Locked