Prosím o kontrolu- samovolné zavírání otevřených oken

[Pepinoo]

Dobrý den, včera se mi dvakrát stalo, že se mi samovolně zavřely všechny otevřené programy a okna (firefox, media player, winamp atd). Zkrátka to, co bylo zrovna dole na liště otevřeno. Po restartu notebooku se to zatím znovu nestalo, ale raději bych tedy prosil o preventivní kontrolu.

Zde je tedy log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Já at 2014-07-28 10:41:25
Microsoft Windows 8
System drive C: has 62 GB (7%) free of 905 GB
Total RAM: 8058 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:41:37, on 28. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\Program Files (x86)\Altap Salamander\salamand.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files\trend micro\Já.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @oem18.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9389 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 1004927873568
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 2adcba29-af96-4b26-a291-bbfd9d962790 1
\??\C:\windows\system32\conhost.exe 0x4
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7bbbc482-36db-4ab8-a324-f6b8ad047f52 -SystemEventPortName:HostProcess-11f4b1c3-d891-4ca2-b664-e3f90e6d0d5d -IoCancelEventPortName:HostProcess-85fa47d8-f6ce-484f-b88a-9a2cf7d3d0bc -NonStateChangingEventPortName:HostProcess-13d04f03-2f0f-4c99-ae4d-0ba5e82c350d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7982beb2-418e-41a4-8c14-f055eb1ffa89 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Altap Salamander\salamand.exe"

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x11b4_0x121c_0x5c58a70e"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5240.df09130.1707376992 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5240 "\\.\pipe\gecko-crash-server-pipe.5240" plugin
"C:\windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash4712.6E930D80.11932 --host-broker-channel=Flash4712.6E930D80.26038 --host-pid=4712 --host-npapi-version=27 --plugin-path="C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_14_0_0_145.dll"
"C:\windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=1616.0124F120.1554412984 --proxy-stub-channel=Flash4712.6E930D80.11932 --plugin-path="C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\oem\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL


C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-05-20 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-06-10 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-06-17 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-06-10 1730264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-08-08 440640]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2012-06-15 887968]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-22 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-22 191568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-04-30 1225920]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-07-26 508656]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-08-03 439296]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-28 10:41:26 ----D---- C:\Program Files\trend micro
2014-07-28 10:41:25 ----D---- C:\rsit
2014-07-27 23:21:55 ----A---- C:\windows\system32\FNTCACHE.DAT
2014-07-19 11:42:42 ----D---- C:\ProgramData\Media Center Programs
2014-07-18 17:17:45 ----D---- C:\Users\oem\AppData\Roaming\theHunterSteam
2014-07-09 23:47:58 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 23:44:04 ----SD---- C:\windows\system32\CompatTel
2014-07-09 18:26:24 ----A---- C:\windows\system32\ntoskrnl.exe
2014-07-09 18:26:24 ----A---- C:\windows\system32\localspl.dll
2014-07-09 18:26:21 ----A---- C:\windows\system32\ntdll.dll
2014-07-09 18:26:18 ----A---- C:\windows\SYSWOW64\WSShared.dll
2014-07-09 18:26:18 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 18:26:18 ----A---- C:\windows\SYSWOW64\Robocopy.exe
2014-07-09 18:26:18 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-07-09 18:26:18 ----A---- C:\windows\system32\WSShared.dll
2014-07-09 18:26:18 ----A---- C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 18:26:18 ----A---- C:\windows\system32\Robocopy.exe
2014-07-09 18:26:18 ----A---- C:\windows\system32\drivers\hdaudbus.sys
2014-07-09 18:26:17 ----A---- C:\windows\system32\win32k.sys
2014-07-09 18:26:16 ----A---- C:\windows\SYSWOW64\osk.exe
2014-07-09 18:26:16 ----A---- C:\windows\system32\osk.exe
2014-07-09 18:26:14 ----A---- C:\windows\system32\InkEd.dll
2014-07-09 18:25:51 ----A---- C:\windows\SYSWOW64\SHCore.dll
2014-07-09 18:25:51 ----A---- C:\windows\system32\SHCore.dll
2014-07-09 18:25:51 ----A---- C:\windows\system32\lsm.dll
2014-07-09 18:25:51 ----A---- C:\windows\system32\lsasrv.dll
2014-07-09 18:25:43 ----A---- C:\windows\system32\aepdu.dll
2014-07-09 18:25:41 ----A---- C:\windows\system32\devinv.dll
2014-07-09 18:25:41 ----A---- C:\windows\system32\aepic.dll
2014-07-09 18:25:41 ----A---- C:\windows\system32\aeinv.dll
2014-07-09 18:25:28 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-07-09 18:25:25 ----A---- C:\windows\system32\mshtml.dll
2014-07-09 18:25:20 ----A---- C:\windows\system32\ieframe.dll
2014-07-09 18:25:18 ----A---- C:\windows\system32\jscript9.dll
2014-07-09 18:25:17 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-07-09 18:25:17 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-07-09 18:25:17 ----A---- C:\windows\system32\iedkcs32.dll
2014-07-09 18:25:16 ----A---- C:\windows\system32\iertutil.dll
2014-07-09 18:25:15 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-07-09 18:25:13 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-07-09 18:25:13 ----A---- C:\windows\system32\wininet.dll
2014-07-09 18:25:13 ----A---- C:\windows\system32\urlmon.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\UXInit.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-07-09 18:25:12 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\uxtheme.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\UXInit.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\msrating.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\mshtmled.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\msfeeds.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\jsproxy.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\jscript.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\iesysprep.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\iesetup.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\iernonce.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\ie4uinit.exe
2014-07-09 18:25:12 ----A---- C:\windows\system32\dxtrans.dll
2014-07-09 18:25:12 ----A---- C:\windows\system32\dxtmsft.dll
2014-07-09 12:59:26 ----D---- C:\Program Files\7-Zip
2014-07-09 09:03:24 ----A---- C:\windows\system32\drivers\afd.sys
2014-07-09 09:03:23 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-07-09 09:03:23 ----A---- C:\windows\system32\qedit.dll
2014-07-07 23:36:59 ----D---- C:\ProgramData\ESET
2014-07-07 23:36:59 ----D---- C:\Program Files\ESET
2014-07-06 10:30:08 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-07-06 10:30:08 ----A---- C:\windows\system32\wudriver.dll
2014-07-06 10:30:08 ----A---- C:\windows\system32\storewuauth.dll
2014-07-06 10:30:07 ----A---- C:\windows\system32\WUSettingsProvider.dll
2014-07-06 10:30:07 ----A---- C:\windows\system32\wuauclt.exe
2014-07-06 10:30:06 ----A---- C:\windows\system32\wuaueng.dll
2014-07-06 10:30:05 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-07-06 10:30:05 ----A---- C:\windows\system32\wucltux.dll
2014-07-06 10:30:05 ----A---- C:\windows\system32\wuapi.dll
2014-07-06 10:29:43 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-07-06 10:29:43 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-07-06 10:29:43 ----A---- C:\windows\system32\wuwebv.dll
2014-07-06 10:29:43 ----A---- C:\windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2014-07-28 10:41:26 ----RD---- C:\Program Files
2014-07-28 10:41:19 ----D---- C:\windows\Temp
2014-07-28 10:09:53 ----D---- C:\windows\system32\sru
2014-07-28 00:50:43 ----D---- C:\windows\Prefetch
2014-07-27 23:28:50 ----D---- C:\windows\Inf
2014-07-27 23:28:50 ----AD---- C:\windows\System32
2014-07-27 23:28:50 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-07-27 23:24:54 ----A---- C:\windows\SYSWOW64\log.txt
2014-07-27 23:21:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-27 23:17:21 ----SHD---- C:\System Volume Information
2014-07-27 23:15:06 ----D---- C:\windows\Microsoft.NET
2014-07-24 19:16:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-23 11:04:12 ----HD---- C:\Program Files\WindowsApps
2014-07-23 11:04:12 ----D---- C:\windows\AUInstallAgent
2014-07-21 17:11:18 ----D---- C:\P
2014-07-21 09:47:42 ----D---- C:\windows\system32\config
2014-07-20 11:38:19 ----D---- C:\windows\WinSxS
2014-07-19 22:01:50 ----SD---- C:\Users\oem\AppData\Roaming\Microsoft
2014-07-19 21:52:03 ----D---- C:\ProgramData\Origin
2014-07-19 11:43:22 ----SHD---- C:\windows\Installer
2014-07-19 11:43:22 ----SHD---- C:\Config.Msi
2014-07-19 11:42:42 ----HD---- C:\ProgramData
2014-07-19 11:42:37 ----D---- C:\Program Files (x86)\Common Files
2014-07-19 11:25:33 ----D---- C:\GAMES
2014-07-16 11:50:23 ----RSD---- C:\windows\assembly
2014-07-14 19:25:16 ----D---- C:\Users\oem\AppData\Roaming\vlc
2014-07-14 09:45:47 ----D---- C:\windows\system32\catroot
2014-07-13 09:36:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-07-13 09:35:42 ----D---- C:\Program Files\Microsoft Office 15
2014-07-12 14:39:08 ----D---- C:\windows\system32\catroot2
2014-07-12 14:37:25 ----D---- C:\windows\system32\DriverStore
2014-07-10 01:15:18 ----AD---- C:\Windows
2014-07-09 23:47:58 ----D---- C:\windows\SysWOW64
2014-07-09 23:44:00 ----D---- C:\Program Files\Windows Journal
2014-07-09 23:43:57 ----D---- C:\windows\WinStore
2014-07-09 23:43:55 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 23:43:53 ----D---- C:\Program Files\Internet Explorer
2014-07-09 23:43:51 ----D---- C:\windows\system32\Drivers
2014-07-09 23:42:51 ----D---- C:\windows\CbsTemp
2014-07-09 14:38:01 ----D---- C:\windows\debug
2014-07-09 14:30:55 ----D---- C:\Users\oem\AppData\Roaming\Media Player Classic
2014-07-09 09:53:18 ----D---- C:\windows\system32\MRT
2014-07-09 09:51:45 ----A---- C:\windows\system32\MRT.exe
2014-07-02 19:00:37 ----D---- C:\windows\SoftwareDistribution
2014-07-02 14:59:08 ----D---- C:\Program Files (x86)\Winamp
2014-07-02 14:58:45 ----D---- C:\windows\Minidump
2014-07-02 14:58:45 ----D---- C:\windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-10-22 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-05-20 32544]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 EpfwLWF;@oem24.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 ACPIVPC;@oem20.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-10-22 33560]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2013-09-16 32600]
R3 bcbtums;@oem18.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2012-08-26 164152]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl63a.sys [2012-07-10 6824520]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2012-08-10 158008]
R3 btwaudio;@oem13.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-07-26 186680]
R3 btwavdt;@oem13.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\windows\System32\drivers\btwavdt.sys [2012-07-26 212792]
R3 btwl2cap;@oem16.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 btwrchid;btwrchid; C:\windows\System32\drivers\btwrchid.sys [2012-07-26 22328]
R3 CnxtHdAudService;@oem7.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2012-06-27 1608864]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-08-03 8987456]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 L1C;@oem9.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2012-07-19 110744]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 18776]
R3 nvvad_WaveExtensible;@oem27.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-27 43832]
R3 SynTP;@oem11.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-08-27 448312]
R3 VClone;VClone; C:\windows\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
S3 RSUSBVSTOR;@oem8.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
S3 vm332avs;@oem19.inf,%USBCamera.DeviceDesc2%;Lenovo Camera2; C:\windows\System32\Drivers\vm332avs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BcmBtRSupport;@oem18.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\windows\system32\BtwRSupportService.exe [2012-08-26 2252600]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-08-27 953720]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-06-19 2356408]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21007192]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2012-06-08 201376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-08-08 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-02-19 1662424]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-24 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-04-25 178760]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[Pepinoo]

# AdwCleaner v3.300 - Report created 28/07/2014 at 15:06:48
# Updated 27/07/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Já - IDEA-PC
# Running from : C:\Users\oem\Desktop\adwcleaner_3.300.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Tâches planifiées ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\Trymedia Systems

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17028


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


[ File : C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\l6dtnwkv.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2170 octets] - [28/07/2014 15:05:31]
AdwCleaner[S0].txt - [2095 octets] - [28/07/2014 15:06:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2155 octets] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Pepinoo]

Ok. Dnes už to nestihnu, ale zítra kontrolu udělám a pošlu výsledek. Já jen aby to nevypadalo, že nereaguju

[Márty84]

Jasne, v pohode, diky za info

[Pepinoo]

Tak tedy posílám log, jak jsem slíbil:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29. 7. 2014
Scan Time: 12:15:47
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.29.02
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: JA!

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 637404
Time Elapsed: 2 hr, 27 min, 29 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

MBAM odinstalujte.



Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Pepinoo]

Ten Combofix může opravdu smazat nějaká data? Docela se té vaši radě o záloze děsím. Mám na hadru poměrně velkou sbírku filmů (skoro 500 gb-studuju filmovou školu ) a plánuju si v budoucnu koupit externí hdd, kam je všechny přesunu. Jinak mám taky dost hudby atd. Osobní data (ty které nelze znova stáhnout) zálohuju pravidelně. Nicméně obsah mého hdd v ntbku (hry, instalačky her, filmy, hudba) zálohovat nemůžu, protože zkrátka nemám kam. Nemám tak velký exterák zatím. A o všechno se mi opravdu nechce přijít. Sice lze v podstatě všechno stáhnout znova, ale zrovna ty filmy některé jsou poměrně raritní kousky a nevím, kde bych je znova sháněl, protože je mám obstarané ze serverů, které mnohdy třeba už ani neexistují.
Teď teda nevím, jestli se na to raději nevykašlat, pokud hrozí nějaké smazání.
Podle MBAMu je systém čistý. Myslíte, že tam i přesto něco je? Nějaká brebera?
A pokud ten combofix použiju přesně podle vašeho návodu, jaká je šance, že vše proběhne ok a nic z mých dat se nesmaže?
Omlouvám se za mírnou paranoiu, ale o data se mi fakt nechce přijít.

[Márty84]

Ten Combofix může opravdu smazat nějaká data?

Filmy urcite nesmaze, ale nemusi uz najet system. Ta pravdepodobnost je malinka, ale proste muze se to stat, zvlast pokud tam opravdu nejaky previt je. Ja zadnou havet nevidim, MBAM taky ne. Na druhou stranu, log neukaze zdaleka vsechno a MBAM taky nedetekuje vsechno. A ten vas problem neni obvykly, takze jsem chtel radeji udelat dalsi sken, protoze CF jde hodne do hloubky a muze i trochu opravit system. Byt jen hodne omezene.

Takze zalezi na vas, jak se rozhodnete

[Pepinoo]

Heleďte víte co? Vzhledem k tomu, že ten můj problém se od té doby, co jsem založil tohle téma, znovu neobjevil (vlastně už se neobjevil hned po tom restartu), tak bych to asi neriskoval. Systémy mám jinak v pořádku (pokud se tam fakt neděje něco skrytě, ale musím říct,že správce úloh neukazuje žádnou zvláštní aktivitu neznámou; jinými slovy pokud nedělám nic, tak procesor dle správce úloh opravdu nedělá nic;).
Jako ochranu mám Eset Smart Security. Vím, že jsou dost protichůdné reakce na tento balík programů, ale když už nic, tak má alespoň ukazování veškeré siťové komunikace, která probíhá, což si taky poměrně často kontroluju.
Ono je to i tím, že ty W8 mají jen něco kolem 3 měsíců od instalace a navíc si dávám bacha na to, abych si nezasíral systémy nesmyslama (jakože při instalaci programů vždy dávám ruční instalaci a někdy se nestačím divit, co za sviňárničky se zároveň s tím programem chtějí instalovat).
Pokud by se mi ale jakýkoliv problém objevil nebo začalo zase to samozavírání programů, tak bych se ozval a projeli bychom to tím combofixem. Může být? Založil bych to ale asi do nového tématu.
Díky moc za ochotu.
P.S. Jako vždy smekám před váma všema z tohoto fóra- jste v dnešní době opravdu unikát. Fakt klobouk dolů.

[Márty84]

Eset je dobra volba, pokud teda neni cracknuty, ony ty cracknute verze ne vzdy funguji korektne.

Mohla to byt fakt jen nahoda a restartem se to opravilo.

Logy jsou ciste, ale nechtel jsem nic podcenit

Urcite kdyztak zalozte nove tema, muselo by se zacit od zacatku

Jeste spustte ADWCleaner jako spravce a kliknete na Uninstall. Program se odinstaluje a uklidi po sobe.


Nemate vubec zac!

Dekujeme za pochvalu

Mejte se a treba zase nekdy