Preventivní kontrola.

[nulka]

Prosím o preventivní kontrolu,počitač se občas nespustí.Díky

Logfile of random's system information tool 1.10 (written by random/random)
Run by ZdenulkaPC at 2015-03-09 18:55:00
Microsoft Windows 8.1 Pro
System drive C: has 198 GB (83%) free of 238 GB
Total RAM: 2047 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:04, on 9. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\ZdenulkaPC\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\ZdenulkaPC.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bb6d9528-45f5-4c75-91c9-93290710ec4c} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {bb6d9528-45f5-4c75-91c9-93290710ec4c} - (no file)
O3 - Toolbar: (no name) - {bb6d9528-45f5-4c75-91c9-93290710ec4c} - (no file)
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7821 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ZdenulkaPC\AppData\Roaming\Mozilla\Firefox\Profiles\2hplr8iy.default-1407950119248

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL


C:\Users\ZdenulkaPC\AppData\Roaming\Mozilla\Firefox\Profiles\2hplr8iy.default-1407950119248\extensions\
{bb6d9528-45f5-4c75-91c9-93290710ec4c}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bb6d9528-45f5-4c75-91c9-93290710ec4c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bb6d9528-45f5-4c75-91c9-93290710ec4c}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-12-19 248176]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

C:\Users\ZdenulkaPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PowerReg Scheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-09 18:45:06 ----D---- C:\rsit
2015-03-06 17:39:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-26 10:13:15 ----A---- C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-26 10:13:14 ----A---- C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-13 14:00:48 ----A---- C:\Windows\SysWOW64\jscript9.dll
2015-02-13 09:46:41 ----A---- C:\Windows\SysWOW64\schannel.dll
2015-02-13 09:46:40 ----A---- C:\Windows\SysWOW64\scesrv.dll
2015-02-13 09:46:40 ----A---- C:\Windows\SysWOW64\ntdll.dll
2015-02-13 09:46:39 ----A---- C:\Windows\SysWOW64\wow32.dll
2015-02-13 09:46:39 ----A---- C:\Windows\SysWOW64\user.exe
2015-02-13 09:46:39 ----A---- C:\Windows\SysWOW64\setup16.exe
2015-02-13 09:46:39 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2015-02-13 09:46:39 ----A---- C:\Windows\SysWOW64\instnm.exe
2015-02-13 09:46:38 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-13 09:46:37 ----A---- C:\Windows\SysWOW64\msaudite.dll
2015-02-13 09:46:37 ----A---- C:\Windows\SysWOW64\certcli.dll
2015-02-13 09:46:37 ----A---- C:\Windows\SysWOW64\adtschema.dll
2015-02-13 09:46:33 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 09:46:26 ----A---- C:\Windows\SysWOW64\mshtml.dll
2015-02-13 09:46:21 ----A---- C:\Windows\SysWOW64\ieframe.dll
2015-02-13 09:46:20 ----A---- C:\Windows\SysWOW64\iertutil.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SysWOW64\vbscript.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SysWOW64\urlmon.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SysWOW64\jscript.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SysWOW64\wininet.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SysWOW64\webcheck.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2015-02-13 09:46:16 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2015-02-13 09:46:16 ----A---- C:\Windows\SysWOW64\iepeers.dll
2015-02-13 09:46:16 ----A---- C:\Windows\SysWOW64\ieapfltr.dll

======List of files/folders modified in the last 1 month======

2015-03-09 18:55:03 ----D---- C:\Program Files (x86)\trend micro
2015-03-09 18:54:01 ----D---- C:\Windows\Temp
2015-03-09 18:54:01 ----D---- C:\Windows\Prefetch
2015-03-08 09:46:45 ----D---- C:\Windows\Microsoft.NET
2015-03-06 22:01:07 ----D---- C:\Windows
2015-03-06 22:00:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 17:56:20 ----RD---- C:\Program Files (x86)
2015-03-06 15:02:09 ----D---- C:\Windows\Inf
2015-03-06 14:24:47 ----D---- C:\Windows\debug
2015-03-05 12:51:49 ----SHD---- C:\System Volume Information
2015-03-05 12:27:54 ----D---- C:\Windows\AppReadiness
2015-03-03 12:11:27 ----D---- C:\Windows\WinSxS
2015-03-03 11:56:04 ----D---- C:\Program Files (x86)\CDBurnerXP
2015-03-02 17:37:38 ----D---- C:\Windows\System32
2015-03-02 11:34:38 ----D---- C:\Users\ZdenulkaPC\AppData\Roaming\Skype
2015-02-27 16:41:38 ----D---- C:\Windows\SoftwareDistribution
2015-02-27 16:07:06 ----D---- C:\Program Files (x86)\Steam
2015-02-27 10:18:59 ----D---- C:\Windows\SysWOW64
2015-02-26 10:47:50 ----D---- C:\Windows\CbsTemp
2015-02-22 09:35:33 ----D---- C:\Program Files (x86)\Common Files\Steam
2015-02-19 09:31:15 ----SHD---- C:\Windows\Installer
2015-02-19 09:31:15 ----SHD---- C:\Config.Msi
2015-02-19 09:31:10 ----D---- C:\Program Files (x86)\TomTom HOME 2
2015-02-18 14:43:52 ----D---- C:\Windows\rescache
2015-02-13 13:47:08 ----D---- C:\Windows\SysWOW64\cs-CZ
2015-02-13 13:47:05 ----D---- C:\Windows\apppatch
2015-02-13 09:32:39 ----D---- C:\Windows\Tasks
2015-02-13 09:32:37 ----D---- C:\Windows\servicing
2015-02-13 09:32:30 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-13 09:32:30 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2015-02-13 09:31:42 ----RD---- C:\Program Files
2015-02-13 09:29:33 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\SysWOW64\drivers\Wof.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\Windows\system32\DRIVERS\L1C63x64.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys []
R3 MTsensor;@oem4.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S3 nmwcd;@oem8.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;@oem12.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-12-19 93040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-06 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]

-----------------EOF-----------------

[Márty84]

Zdravim

Muzete trochu upresnit, jak to probiha? Hodi nejakou hlasku? Nebo zustane monitor cerny? Pripadne, nezacne ani hucet?

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Mate 64bit system, tak dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe

[nulka]

Když PC zapnu tak asi po 20 sec.napíše něco anglicky a když se podívám do Biosu tak ten nevidí HDD.Když to zkusím znova tak po několika pokusech PC normálně naběhne.

[nulka]

Logfile of random's system information tool 1.10 (written by random/random)
Run by ZdenulkaPC at 2015-03-09 19:26:24
Microsoft Windows 8.1 Pro
System drive C: has 198 GB (83%) free of 238 GB
Total RAM: 2047 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:26:28, on 9. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\ZdenulkaPC.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bb6d9528-45f5-4c75-91c9-93290710ec4c} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {bb6d9528-45f5-4c75-91c9-93290710ec4c} - (no file)
O3 - Toolbar: (no name) - {bb6d9528-45f5-4c75-91c9-93290710ec4c} - (no file)
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7827 bytes

======Listing Processes======





wininit.exe


C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {6a081373-5722-4077-b12c88d1c36f94a5}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"

"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 1365A283-7440-8911-23A6-D35B8A711AC2 -Reinvoke
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580

"C:\Users\ZdenulkaPC\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ZdenulkaPC\AppData\Roaming\Mozilla\Firefox\Profiles\2hplr8iy.default-1407950119248

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


C:\Users\ZdenulkaPC\AppData\Roaming\Mozilla\Firefox\Profiles\2hplr8iy.default-1407950119248\extensions\
{bb6d9528-45f5-4c75-91c9-93290710ec4c}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bb6d9528-45f5-4c75-91c9-93290710ec4c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{bb6d9528-45f5-4c75-91c9-93290710ec4c}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2007-09-06 406944]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-17 7575768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-12-19 248176]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

C:\Users\ZdenulkaPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PowerReg Scheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-09 19:26:26 ----D---- C:\Program Files\trend micro
2015-03-09 18:45:06 ----D---- C:\rsit
2015-03-06 17:39:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-26 10:13:15 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2015-02-26 10:13:15 ----A---- C:\Windows\system32\Windows.Globalization.dll
2015-02-26 10:13:14 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2015-02-26 10:13:14 ----A---- C:\Windows\system32\GlobCollationHost.dll
2015-02-13 14:00:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-13 14:00:48 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 09:46:41 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-13 09:46:41 ----A---- C:\Windows\system32\schannel.dll
2015-02-13 09:46:40 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-13 09:46:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-02-13 09:46:40 ----A---- C:\Windows\system32\scesrv.dll
2015-02-13 09:46:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-13 09:46:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-02-13 09:46:39 ----A---- C:\Windows\SYSWOW64\user.exe
2015-02-13 09:46:39 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-02-13 09:46:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-02-13 09:46:39 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-02-13 09:46:39 ----A---- C:\Windows\system32\wow64cpu.dll
2015-02-13 09:46:39 ----A---- C:\Windows\system32\wow64.dll
2015-02-13 09:46:39 ----A---- C:\Windows\system32\ntvdm64.dll
2015-02-13 09:46:39 ----A---- C:\Windows\system32\ntdll.dll
2015-02-13 09:46:38 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-13 09:46:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-13 09:46:38 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-13 09:46:37 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-13 09:46:37 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-02-13 09:46:37 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-13 09:46:37 ----A---- C:\Windows\system32\msaudite.dll
2015-02-13 09:46:37 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-13 09:46:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-13 09:46:37 ----A---- C:\Windows\system32\certcli.dll
2015-02-13 09:46:37 ----A---- C:\Windows\system32\adtschema.dll
2015-02-13 09:46:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-13 09:46:33 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-13 09:46:30 ----A---- C:\Windows\system32\mshtml.dll
2015-02-13 09:46:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-13 09:46:23 ----A---- C:\Windows\system32\ieframe.dll
2015-02-13 09:46:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-13 09:46:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-13 09:46:20 ----A---- C:\Windows\system32\iertutil.dll
2015-02-13 09:46:19 ----A---- C:\Windows\system32\wininet.dll
2015-02-13 09:46:19 ----A---- C:\Windows\system32\vbscript.dll
2015-02-13 09:46:19 ----A---- C:\Windows\system32\jscript.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-02-13 09:46:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-13 09:46:18 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-13 09:46:18 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-13 09:46:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-13 09:46:17 ----A---- C:\Windows\system32\webcheck.dll
2015-02-13 09:46:17 ----A---- C:\Windows\system32\urlmon.dll
2015-02-13 09:46:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-13 09:46:17 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-13 09:46:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-13 09:46:17 ----A---- C:\Windows\system32\actxprxy.dll
2015-02-13 09:46:16 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-02-13 09:46:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-02-13 09:46:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-13 09:46:16 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-13 09:46:16 ----A---- C:\Windows\system32\inetcomm.dll
2015-02-13 09:46:16 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-13 09:45:59 ----A---- C:\Windows\system32\sppobjs.dll
2015-02-13 09:45:57 ----A---- C:\Windows\system32\generaltel.dll
2015-02-13 09:45:57 ----A---- C:\Windows\system32\appraiser.dll
2015-02-13 09:45:56 ----A---- C:\Windows\system32\invagent.dll
2015-02-13 09:45:56 ----A---- C:\Windows\system32\devinv.dll
2015-02-13 09:45:56 ----A---- C:\Windows\system32\aepdu.dll
2015-02-13 09:45:56 ----A---- C:\Windows\system32\aeinv.dll
2015-02-13 09:45:51 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-09 19:26:26 ----RD---- C:\Program Files
2015-03-09 19:16:12 ----D---- C:\Windows\Temp
2015-03-09 19:02:00 ----D---- C:\Windows\system32\sru
2015-03-09 18:55:14 ----D---- C:\Windows\Prefetch
2015-03-09 18:55:03 ----D---- C:\Program Files (x86)\trend micro
2015-03-08 09:46:45 ----D---- C:\Windows\Microsoft.NET
2015-03-06 22:01:07 ----D---- C:\Windows
2015-03-06 22:00:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 17:56:20 ----RD---- C:\Program Files (x86)
2015-03-06 15:02:09 ----D---- C:\Windows\Inf
2015-03-06 14:24:47 ----D---- C:\Windows\debug
2015-03-05 12:51:49 ----SHD---- C:\System Volume Information
2015-03-05 12:27:54 ----D---- C:\Windows\AppReadiness
2015-03-05 12:27:53 ----HD---- C:\Program Files\WindowsApps
2015-03-03 22:03:10 ----D---- C:\Windows\system32\config
2015-03-03 14:17:35 ----N---- C:\Windows\system32\MpSigStub.exe
2015-03-03 12:11:27 ----D---- C:\Windows\WinSxS
2015-03-03 11:56:04 ----D---- C:\Program Files (x86)\CDBurnerXP
2015-03-02 17:37:38 ----RD---- C:\Windows\System32
2015-03-02 17:37:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-02 11:34:38 ----D---- C:\Users\ZdenulkaPC\AppData\Roaming\Skype
2015-02-27 16:41:38 ----D---- C:\Windows\SoftwareDistribution
2015-02-27 16:07:06 ----D---- C:\Program Files (x86)\Steam
2015-02-27 10:18:59 ----D---- C:\Windows\SysWOW64
2015-02-26 10:47:50 ----D---- C:\Windows\CbsTemp
2015-02-19 09:31:15 ----SHD---- C:\Windows\Installer
2015-02-19 09:31:15 ----SHD---- C:\Config.Msi
2015-02-19 09:31:10 ----D---- C:\Program Files (x86)\TomTom HOME 2
2015-02-18 14:43:52 ----D---- C:\Windows\rescache
2015-02-18 09:17:48 ----D---- C:\Windows\system32\MRT
2015-02-18 09:14:07 ----A---- C:\Windows\system32\MRT.exe
2015-02-13 13:49:51 ----SD---- C:\Windows\system32\CompatTel
2015-02-13 13:49:51 ----D---- C:\Windows\system32\appraiser
2015-02-13 13:47:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-13 13:47:08 ----D---- C:\Windows\system32\drivers
2015-02-13 13:47:08 ----D---- C:\Windows\system32\cs-CZ
2015-02-13 13:47:05 ----D---- C:\Windows\apppatch
2015-02-13 09:39:19 ----D---- C:\Windows\system32\catroot2
2015-02-13 09:33:23 ----D---- C:\Windows\system32\wbem
2015-02-13 09:32:39 ----D---- C:\Windows\Tasks
2015-02-13 09:32:38 ----D---- C:\Windows\system32\Tasks
2015-02-13 09:32:38 ----D---- C:\Windows\system32\Sysprep
2015-02-13 09:32:38 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-13 09:32:37 ----D---- C:\Windows\servicing
2015-02-13 09:32:30 ----D---- C:\Program Files\Internet Explorer
2015-02-13 09:32:30 ----D---- C:\Program Files\Common Files\microsoft shared
2015-02-13 09:32:30 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-13 09:29:33 ----D---- C:\Windows\registration
2015-02-12 16:54:07 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-11-17 3962840]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-03-09 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 64216]
R3 MTsensor;@oem4.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2013-05-17 17280]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-12-15 12866008]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S3 nmwcd;@oem8.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem12.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-11-13 16152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-12-19 93040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-06 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]

-----------------EOF-----------------

[Márty84]

Kde mam log z CDI?

Jak casto se to asi stava, ze to nenajede?

[nulka]

Jednou za 14 dní.

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 Professional [6.2 Build 9200] (x64)
Date : 2015/03/09 19:32:42

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- TSSTcorp CDDVDW SH-S223F ATA Device
+ ATA Channel 1 (1) [ATA]
- SAMSUNG HD252HJ ATA Device
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Řadič úložiště Intel(R) 82801GB/GR/GH (řada ICH7) s rozhraním Serial ATA - 27C0 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Řadiče úložiště Intel(R) 82801G (řada ICH7) v režimu Ultra ATA - 27DF [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD252HJ : 250,0 GB [0/3/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD252HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD252HJ
Firmware : 1AC01113
Serial Number : S17HJ9CQ722184
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 8798 hod.
Power On Count : 5563 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _94 _94 _11 000000000B40 Čas na roztočení ploten
04 _94 _94 __0 0000000015C4 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 00000000225E Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 0000000015BB Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _76 _66 __0 0000180E0018 Teplota toku vzduchu
C2 _71 _65 __0 00001D0E001D Teplota
C3 100 100 __0 00000006D2D7 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 003F 003F 0000 0000 0000
010: 5331 3748 4A39 4351 3732 3834 3834 2020 2020 2020
020: 0003 8000 0004 3141 4330 3133 3133 5341 4D53 554E
030: 4720 4844 3235 3248 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 004C 0040
080: 00F8 0052 746B 7F69 4133 BC41 BC41 4123 20FF 001A
090: 001A 0000 FFFE 0000 FE00 0005 0005 005D 86A0 0001
100: 5970 1D1C 0000 0000 0064 0000 0000 0000 5000 0F00
110: 0827 1248 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003F 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 AAA5

[Márty84]

Vidim tam MBAM. Nasel neco?


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[nulka]

Sem tam něco.

# AdwCleaner v4.112 - Logfile created 09/03/2015 at 20:36:28
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : ZdenulkaPC - ZDENULKA
# Running from : C:\Users\ZdenulkaPC\Desktop\adwcleaner_4.112.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Users\ZdenulkaPC\AppData\Roaming\RHEng

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91397D20-1446-11D4-8AF4-0040CA1127B6}]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.1 (x86 cs)


-\\ Pale Moon v


-\\ Google Chrome v

[C:\Users\ZdenulkaPC\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1408813594&from=exp&uid=SAMSUNGXHD252HJ_S17HJ9CQ722184&q={searchTerms}
[C:\Users\ZdenulkaPC\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1408813594&from=exp&uid=SAMSUNGXHD252HJ_S17HJ9CQ722184&q={searchTerms}

-\\ Chromium v

[C:\Users\ZdenulkaPC\AppData\Local\Chromium\User Data\Default\Web data] - Found [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=0&systemid=473&v=u13452-443&apn_uid=1550824207354361&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}

-\\ Comodo Dragon v


-\\ Chrome Canary v

*************************

AdwCleaner[R1].txt - [2039 bytes] - [09/03/2015 20:36:28]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2098 bytes] ##########

[Márty84]

Udelejte novou kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[nulka]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10. 3. 2015
Čas skenování: 8:36:48
Protokol: txt.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.10.02
Databáze rootkitů: v2015.02.25.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: ZdenulkaPC

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 377629
Uplynulý čas: 1 min, 52 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Vypnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[Márty84]

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach



29.3. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975