PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Slow PC after startup

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Wepa
Visitor
Posts: 47
Registered: 12 Feb 2009 14:31

Slow PC after startup

#1 Post by Wepa

Logfile of random's system information tool 1.10 (written by random/random)
Run by Roman at 2015-05-07 16:41:13
Microsoft Windows 8.1
System drive C: has 208 GB (44%) free of 476 GB
Total RAM: 6108 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:16, on 7. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9315 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {87bcef10-6a05-44e5-b953787a31f8225d}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
taskhostex.exe
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"

"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2208
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 43E91C0E-E520-50A0-B279-D469726593DE -Reinvoke
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Nero\Update\NASvc.exe"

"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
taskhost.exe $(Arg0)
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\Roman\Documents\TXT\florenta.txt
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576

"C:\Users\Roman\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-29 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-29 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2013-10-21 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2013-10-21 520192]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-03-29 7806232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2014-10-29 479744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-04 16:00:32 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-04 16:00:32 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-04 16:00:27 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-04 16:00:26 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-04 16:00:26 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-04-29 16:36:03 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-04-29 16:36:03 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-04-29 16:36:03 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-04-29 16:36:02 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-04-29 07:48:12 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-04-26 20:16:11 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-04-26 20:16:11 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-04-26 20:16:11 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-04-26 20:16:11 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-04-26 20:15:00 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-04-26 20:15:00 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-04-26 20:14:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-04-26 20:14:43 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-04-26 20:14:43 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-04-26 20:14:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-04-26 20:14:22 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-04-26 20:14:22 ----A---- C:\WINDOWS\system32\SRH.dll
2015-04-26 20:14:03 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-04-26 20:14:03 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-04-26 20:14:02 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-04-26 20:14:02 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-04-26 20:13:59 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-04-26 20:13:59 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-04-26 20:13:59 ----A---- C:\WINDOWS\system32\certcli.dll
2015-04-26 20:13:22 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-04-26 20:13:22 ----A---- C:\WINDOWS\system32\schannel.dll
2015-04-26 20:13:10 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-04-26 20:13:10 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-04-26 20:13:01 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-04-26 20:13:01 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\tdh.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\wow64.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\sechost.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-04-14 21:11:32 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 21:11:32 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-04-14 21:11:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-04-14 21:11:10 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-04-14 21:11:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-04-14 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-04-14 21:11:05 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-04-14 21:11:03 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-04-14 21:10:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-04-14 21:10:50 ----A---- C:\WINDOWS\system32\wininet.dll
2015-04-14 21:10:49 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-04-14 21:10:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-04-14 21:10:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-04-14 21:10:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-04-14 21:10:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-04-14 21:10:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-04-14 21:10:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-04-14 21:10:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-04-14 21:10:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-04-14 21:10:39 ----A---- C:\WINDOWS\system32\jscript.dll
2015-04-14 21:10:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-04-14 21:10:38 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-04-14 21:10:37 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-04-14 21:10:36 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-04-14 21:10:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-04-14 21:10:35 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-04-14 21:07:57 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-04-14 21:07:56 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-04-14 21:07:45 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-04-13 22:20:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\wups.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\system32\wups2.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-04-13 22:20:51 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-04-13 22:20:51 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-04-13 22:20:51 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-04-13 22:20:42 ----A---- C:\WINDOWS\system32\lsm.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\invagent.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\devinv.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-04-08 10:20:40 ----D---- C:\ProgramData\HitmanPro
2015-04-08 09:45:00 ----A---- C:\WINDOWS\tweaking.com-regbackup-WEROPA-Windows-8.1-(64-bit).dat
2015-04-08 09:44:50 ----D---- C:\RegBackup

======List of files/folders modified in the last 1 month======

2015-05-07 16:41:16 ----D---- C:\WINDOWS\Prefetch
2015-05-07 16:41:15 ----D---- C:\Program Files\trend micro
2015-05-07 16:40:48 ----D---- C:\WINDOWS\Temp
2015-05-07 16:33:00 ----D---- C:\Program Files\SUPERAntiSpyware
2015-05-07 16:31:47 ----RD---- C:\Program Files
2015-05-07 16:28:50 ----AD---- C:\ProgramData\TEMP
2015-05-07 16:28:30 ----D---- C:\WINDOWS\system32\sru
2015-05-07 16:25:12 ----D---- C:\WINDOWS\debug
2015-05-07 16:25:12 ----D---- C:\Windows
2015-05-07 16:24:00 ----D---- C:\WINDOWS\AppReadiness
2015-05-07 16:08:26 ----D---- C:\Users\Roman\AppData\Roaming\ClassicShell
2015-05-07 16:00:24 ----HD---- C:\Program Files\WindowsApps
2015-05-06 16:17:54 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-05 20:22:46 ----D---- C:\WINDOWS\system32\config
2015-05-04 17:57:33 ----D---- C:\WINDOWS\system32\wbem
2015-05-04 17:47:38 ----D---- C:\Program Files\CCleaner
2015-05-04 17:47:38 ----D---- C:\Program Files (x86)\Opera
2015-05-04 17:47:19 ----D---- C:\Users\Roman\AppData\Roaming\PhotoFiltre Studio X
2015-05-04 17:47:19 ----D---- C:\Users\Roman\AppData\Roaming\MyPhoneExplorer
2015-05-04 17:47:18 ----D---- C:\WINDOWS\apppatch
2015-05-04 17:47:18 ----D---- C:\Users\Roman\AppData\Roaming\XnView
2015-05-04 17:47:18 ----D---- C:\Users\Roman\AppData\Roaming\vlc
2015-05-04 17:47:16 ----SHD---- C:\WINDOWS\Installer
2015-05-04 17:47:16 ----RSD---- C:\WINDOWS\Fonts
2015-05-04 17:47:16 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-04 17:47:16 ----D---- C:\WINDOWS\rescache
2015-05-04 17:47:16 ----D---- C:\WINDOWS\PolicyDefinitions
2015-05-04 17:47:16 ----D---- C:\WINDOWS\Inf
2015-05-04 17:47:15 ----SD---- C:\WINDOWS\system32\CompatTel
2015-05-04 17:47:15 ----RD---- C:\WINDOWS\System32
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\drivers
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\catroot2
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-04 17:47:15 ----D---- C:\WINDOWS\servicing
2015-05-04 17:47:14 ----SD---- C:\WINDOWS\system32\GWX
2015-05-04 17:47:14 ----D---- C:\WINDOWS\WinSxS
2015-05-04 17:47:14 ----D---- C:\WINDOWS\Tasks
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SYSWOW64\ras
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SysWOW64
2015-05-04 17:47:14 ----D---- C:\WINDOWS\system32\Tasks
2015-05-04 17:47:14 ----D---- C:\WINDOWS\system32\Sysprep
2015-05-04 17:47:14 ----D---- C:\WINDOWS\system32\ras
2015-05-04 17:37:35 ----D---- C:\WINDOWS\registration
2015-05-04 16:38:16 ----D---- C:\Users\Roman\AppData\Roaming\LangSoft
2015-05-04 16:20:47 ----SHD---- C:\System Volume Information
2015-05-04 16:06:48 ----D---- C:\WINDOWS\CbsTemp
2015-05-03 12:39:43 ----D---- C:\WINDOWS\system32\wdi
2015-04-29 21:22:45 ----D---- C:\Program Files (x86)\Common Files
2015-04-29 21:20:01 ----D---- C:\ProgramData\Oracle
2015-04-29 21:19:20 ----D---- C:\Program Files\Java
2015-04-29 21:17:55 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-04-27 13:51:37 ----D---- C:\WINDOWS\system32\DriverStore
2015-04-26 22:17:28 ----D---- C:\WINDOWS\SoftwareDistribution
2015-04-15 19:49:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-15 12:46:09 ----RD---- C:\WINDOWS\assembly
2015-04-15 00:00:21 ----D---- C:\Program Files\Internet Explorer
2015-04-14 21:24:18 ----D---- C:\WINDOWS\system32\MRT
2015-04-14 21:22:18 ----A---- C:\WINDOWS\system32\MRT.exe
2015-04-14 21:22:13 ----D---- C:\ProgramData\Microsoft Help
2015-04-14 12:57:06 ----D---- C:\WINDOWS\AppCompat
2015-04-14 09:01:57 ----D---- C:\WINDOWS\system32\catroot
2015-04-14 01:24:21 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-04-13 22:21:53 ----D---- C:\WINDOWS\system32\appraiser
2015-04-12 13:15:09 ----D---- C:\Users\Roman\AppData\Roaming\Skype
2015-04-08 10:20:40 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-09-24 157016]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem64.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 VWiFiFlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem74.inf,%ATHR.Service.DispName%;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 MEIx64;@oem23.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 dg_ssudbus;@oem85.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-05-03 129752]
S3 ssudmdm;@oem86.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WinUsb;@oem88.inf,%WinUSB_SvcDesc%;SAMSUNG Android USB Driver; C:\WINDOWS\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-12-18 2103096]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-29 268976]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
S4 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S4 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119650
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC after startup

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Wepa
Visitor
Posts: 47
Joined: 12 Feb 2009 14:31

Re: Slow PC after startup

#3 Post by Wepa »

# AdwCleaner v4.203 - Log vytvořen 07/05/2015 v 18:01:35
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-05.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Roman - WEROPA
# Spuštěno z : C:\Users\Roman\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Opera v29.0.1795.47


*************************

AdwCleaner[R2].txt - [724 bytů] - [07/05/2015 18:00:32]
AdwCleaner[S2].txt - [650 bytů] - [07/05/2015 18:01:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [707 bytů] ##########

Rudy
Site Admin
Posts: 119650
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC after startup

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\Skype\Toolbars

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Wepa
Visitor
Posts: 47
Joined: 12 Feb 2009 14:31

Re: Slow PC after startup

#5 Post by Wepa »

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Roman at 2015-05-07 19:48:40
Microsoft Windows 8.1
System drive C: has 207 GB (44%) free of 476 GB
Total RAM: 6108 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:45, on 7. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\08938A66.ForecaWeather_1.1.1.3_neutral__ehkm8sa10hy4e\Foreca.WeatherApp.exe
C:\Program Files\trend micro\Roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9199 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
dashost.exe {088fe499-6b83-4807-a192ebf0bcf6a4cf}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"

"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:1936
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\SettingSyncHost.exe" -Embedding

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\05072015_193729.log
ClassicStartMenu.exe -startup
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 050CCD3B-3864-D988-AE6E-9E8CB4D4FAA1 -Reinvoke
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
taskeng.exe {141B39D8-F561-45B6-B788-44AC358AC5D6}
"C:\Program Files\WindowsApps\08938A66.ForecaWeather_1.1.1.3_neutral__ehkm8sa10hy4e\Foreca.WeatherApp.exe" -ServerName:App.AppXke6hd4egn7ybnvqcrgd7p73r442n3dnh.mca
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-82449ed7-ee94-4fc8-acc5-996db89d357b -SystemEventPortName:HostProcess-14eb729b-34d7-4ee7-9c18-e97c6ffe1cb1 -IoCancelEventPortName:HostProcess-112354eb-1beb-468b-b733-ac687ebb6f24 -NonStateChangingEventPortName:HostProcess-4f5c07d0-c852-4831-b3a3-a519bee7a335 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fced135f-3a33-4839-82b9-ca3a2cfcbbb6 -DeviceGroupId:WudfDefaultDevicePool

"C:\Users\Roman\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-29 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-29 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2013-10-21 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2013-10-21 520192]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-03-29 7806232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2014-10-29 479744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-07 19:37:29 ----D---- C:\_OTM
2015-05-07 18:00:25 ----D---- C:\AdwCleaner
2015-05-04 16:00:32 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-04 16:00:32 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-04 16:00:27 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-04 16:00:26 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-04 16:00:26 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-04-29 16:36:03 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-04-29 16:36:03 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-04-29 16:36:03 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-04-29 16:36:02 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-04-29 07:48:12 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2015-04-26 20:16:11 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-04-26 20:16:11 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-04-26 20:16:11 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-04-26 20:16:11 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-04-26 20:15:00 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-04-26 20:15:00 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-04-26 20:14:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-04-26 20:14:43 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-04-26 20:14:43 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-04-26 20:14:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-04-26 20:14:22 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-04-26 20:14:22 ----A---- C:\WINDOWS\system32\SRH.dll
2015-04-26 20:14:03 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-04-26 20:14:03 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-04-26 20:14:02 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-04-26 20:14:02 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-04-26 20:13:59 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-04-26 20:13:59 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-04-26 20:13:59 ----A---- C:\WINDOWS\system32\certcli.dll
2015-04-26 20:13:22 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-04-26 20:13:22 ----A---- C:\WINDOWS\system32\schannel.dll
2015-04-26 20:13:10 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-04-26 20:13:10 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-04-26 20:13:01 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-04-26 20:13:01 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\tdh.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\wow64.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\sechost.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-04-14 21:11:32 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 21:11:32 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-04-14 21:11:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-04-14 21:11:10 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-04-14 21:11:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-04-14 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-04-14 21:11:05 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-04-14 21:11:03 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-04-14 21:10:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-04-14 21:10:50 ----A---- C:\WINDOWS\system32\wininet.dll
2015-04-14 21:10:49 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-04-14 21:10:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-04-14 21:10:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-04-14 21:10:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-04-14 21:10:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-04-14 21:10:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-04-14 21:10:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-04-14 21:10:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-04-14 21:10:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-04-14 21:10:39 ----A---- C:\WINDOWS\system32\jscript.dll
2015-04-14 21:10:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-04-14 21:10:38 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-04-14 21:10:37 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-04-14 21:10:36 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-04-14 21:10:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-04-14 21:10:35 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-04-14 21:07:57 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-04-14 21:07:56 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-04-14 21:07:45 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-04-13 22:20:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\wups.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\system32\wups2.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-04-13 22:20:51 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-04-13 22:20:51 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-04-13 22:20:51 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-04-13 22:20:42 ----A---- C:\WINDOWS\system32\lsm.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\invagent.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\devinv.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-04-08 10:20:40 ----D---- C:\ProgramData\HitmanPro
2015-04-08 09:45:00 ----A---- C:\WINDOWS\tweaking.com-regbackup-WEROPA-Windows-8.1-(64-bit).dat
2015-04-08 09:44:50 ----D---- C:\RegBackup

======List of files/folders modified in the last 1 month======

2015-05-07 19:48:45 ----D---- C:\WINDOWS\Prefetch
2015-05-07 19:48:43 ----D---- C:\Program Files\trend micro
2015-05-07 19:46:21 ----D---- C:\WINDOWS\Temp
2015-05-07 19:41:12 ----RD---- C:\Program Files (x86)\Skype
2015-05-07 19:09:02 ----HD---- C:\Program Files\WindowsApps
2015-05-07 19:00:01 ----D---- C:\WINDOWS\system32\sru
2015-05-07 18:53:01 ----D---- C:\WINDOWS\AppReadiness
2015-05-07 18:27:55 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-07 18:02:59 ----D---- C:\Windows
2015-05-07 18:02:16 ----D---- C:\WINDOWS\Inf
2015-05-07 16:59:54 ----D---- C:\WINDOWS\debug
2015-05-07 16:51:12 ----SHD---- C:\System Volume Information
2015-05-07 16:49:49 ----D---- C:\Users\Roman\AppData\Roaming\ClassicShell
2015-05-07 16:33:00 ----D---- C:\Program Files\SUPERAntiSpyware
2015-05-07 16:31:47 ----RD---- C:\Program Files
2015-05-07 16:28:50 ----AD---- C:\ProgramData\TEMP
2015-05-05 20:22:46 ----D---- C:\WINDOWS\system32\config
2015-05-04 17:57:33 ----D---- C:\WINDOWS\system32\wbem
2015-05-04 17:47:38 ----D---- C:\Program Files\CCleaner
2015-05-04 17:47:38 ----D---- C:\Program Files (x86)\Opera
2015-05-04 17:47:19 ----D---- C:\Users\Roman\AppData\Roaming\PhotoFiltre Studio X
2015-05-04 17:47:19 ----D---- C:\Users\Roman\AppData\Roaming\MyPhoneExplorer
2015-05-04 17:47:18 ----D---- C:\WINDOWS\apppatch
2015-05-04 17:47:18 ----D---- C:\Users\Roman\AppData\Roaming\XnView
2015-05-04 17:47:18 ----D---- C:\Users\Roman\AppData\Roaming\vlc
2015-05-04 17:47:16 ----SHD---- C:\WINDOWS\Installer
2015-05-04 17:47:16 ----RSD---- C:\WINDOWS\Fonts
2015-05-04 17:47:16 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-04 17:47:16 ----D---- C:\WINDOWS\rescache
2015-05-04 17:47:16 ----D---- C:\WINDOWS\PolicyDefinitions
2015-05-04 17:47:15 ----SD---- C:\WINDOWS\system32\CompatTel
2015-05-04 17:47:15 ----RD---- C:\WINDOWS\System32
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\drivers
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\catroot2
2015-05-04 17:47:15 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-04 17:47:15 ----D---- C:\WINDOWS\servicing
2015-05-04 17:47:14 ----SD---- C:\WINDOWS\system32\GWX
2015-05-04 17:47:14 ----D---- C:\WINDOWS\WinSxS
2015-05-04 17:47:14 ----D---- C:\WINDOWS\Tasks
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SYSWOW64\ras
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-04 17:47:14 ----D---- C:\WINDOWS\SysWOW64
2015-05-04 17:47:14 ----D---- C:\WINDOWS\system32\Tasks
2015-05-04 17:47:14 ----D---- C:\WINDOWS\system32\Sysprep
2015-05-04 17:47:14 ----D---- C:\WINDOWS\system32\ras
2015-05-04 17:37:35 ----D---- C:\WINDOWS\registration
2015-05-04 16:38:16 ----D---- C:\Users\Roman\AppData\Roaming\LangSoft
2015-05-04 16:06:48 ----D---- C:\WINDOWS\CbsTemp
2015-05-03 12:39:43 ----D---- C:\WINDOWS\system32\wdi
2015-04-29 21:22:45 ----D---- C:\Program Files (x86)\Common Files
2015-04-29 21:20:01 ----D---- C:\ProgramData\Oracle
2015-04-29 21:19:20 ----D---- C:\Program Files\Java
2015-04-29 21:17:55 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-04-27 13:51:37 ----D---- C:\WINDOWS\system32\DriverStore
2015-04-26 22:17:28 ----D---- C:\WINDOWS\SoftwareDistribution
2015-04-15 19:49:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-15 12:46:09 ----RD---- C:\WINDOWS\assembly
2015-04-15 00:00:21 ----D---- C:\Program Files\Internet Explorer
2015-04-14 21:24:18 ----D---- C:\WINDOWS\system32\MRT
2015-04-14 21:22:18 ----A---- C:\WINDOWS\system32\MRT.exe
2015-04-14 21:22:13 ----D---- C:\ProgramData\Microsoft Help
2015-04-14 12:57:06 ----D---- C:\WINDOWS\AppCompat
2015-04-14 09:01:57 ----D---- C:\WINDOWS\system32\catroot
2015-04-14 01:24:21 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-04-13 22:21:53 ----D---- C:\WINDOWS\system32\appraiser
2015-04-12 13:15:09 ----D---- C:\Users\Roman\AppData\Roaming\Skype
2015-04-08 10:20:40 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-09-24 157016]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem64.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 VWiFiFlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem74.inf,%ATHR.Service.DispName%;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 MEIx64;@oem23.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 dg_ssudbus;@oem85.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-05-03 129752]
S3 ssudmdm;@oem86.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WinUsb;@oem88.inf,%WinUSB_SvcDesc%;SAMSUNG Android USB Driver; C:\WINDOWS\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-12-18 2103096]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-29 268976]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
S4 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S4 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119650
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC after startup

#6 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Roman.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Wepa
Visitor
Posts: 47
Joined: 12 Feb 2009 14:31

Re: Slow PC after startup

#7 Post by Wepa »

OTM cleaned up even what it shouldn't have; Metro stopped working. After a system restore in safe mode it works again.
I am attaching a new RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Roman at 2015-05-08 09:06:41
Microsoft Windows 8.1
System drive C: has 207 GB (43%) free of 476 GB
Total RAM: 6108 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:06:44, on 8. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\08938A66.ForecaWeather_1.1.1.3_neutral__ehkm8sa10hy4e\Foreca.WeatherApp.exe
C:\Program Files\trend micro\Roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9420 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {694bd5b8-fa92-4341-83c9c2f145385f0b}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7e102079-3cbe-49d3-8266-032d43d4d12a -SystemEventPortName:HostProcess-4097286d-7d08-4911-8ebd-0dd64d2e67c5 -IoCancelEventPortName:HostProcess-b568377c-115d-4d36-aece-12d4f7bb56a5 -NonStateChangingEventPortName:HostProcess-2052b58c-5475-4ad6-bcb1-6b01964d51fb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8eb28b81-e42f-439e-88a2-bd68d0f8d409 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 62FB0D82-3405-AD32-6285-000CFE2A5F6A -Reinvoke

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2076
taskhostex.exe
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\StikyNot.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\08938A66.ForecaWeather_1.1.1.3_neutral__ehkm8sa10hy4e\Foreca.WeatherApp.exe" -ServerName:App.AppXke6hd4egn7ybnvqcrgd7p73r442n3dnh.mca
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

"C:\Users\Roman\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-07 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-07 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2013-10-21 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2013-10-21 520192]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-03-29 7806232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2014-10-29 479744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-08 09:06:41 ----D---- C:\rsit
2015-05-07 23:17:57 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-05-07 23:17:57 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-05-07 23:17:57 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-05-07 23:17:57 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-05-07 23:17:36 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-07 23:17:35 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-07 23:17:11 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-07 23:17:11 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-07 23:16:53 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-07 23:16:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-07 23:16:44 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-07 23:16:43 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-07 23:16:23 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-07 23:16:23 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-07 23:16:23 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-07 23:16:23 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-07 23:16:23 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-07 23:16:08 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-07 23:16:08 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-07 23:16:08 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-07 23:16:08 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-07 23:16:02 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-07 23:15:50 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-07 23:15:50 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-07 23:15:50 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-07 23:15:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-07 23:15:40 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-07 23:15:40 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-07 23:15:37 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-07 23:15:36 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-07 23:15:33 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-07 23:15:33 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-07 23:15:08 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-07 23:15:08 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-07 23:14:58 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-07 23:14:58 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-07 18:00:25 ----D---- C:\AdwCleaner
2015-04-14 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\tdh.dll
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 21:11:34 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\wow64.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\sechost.dll
2015-04-14 21:11:33 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-04-14 21:11:32 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 21:11:32 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-04-14 21:11:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-04-14 21:11:10 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-04-14 21:11:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-04-14 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-04-14 21:11:05 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-04-14 21:11:03 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-04-14 21:10:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-04-14 21:10:50 ----A---- C:\WINDOWS\system32\wininet.dll
2015-04-14 21:10:49 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-04-14 21:10:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-04-14 21:10:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-04-14 21:10:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-04-14 21:10:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-04-14 21:10:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-04-14 21:10:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-04-14 21:10:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-04-14 21:10:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-04-14 21:10:39 ----A---- C:\WINDOWS\system32\jscript.dll
2015-04-14 21:10:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-04-14 21:10:38 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-04-14 21:10:37 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-04-14 21:10:36 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-04-14 21:10:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-04-14 21:10:35 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-04-14 21:07:57 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-04-14 21:07:56 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-04-14 21:07:45 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-04-14 21:07:45 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-04-13 22:20:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-04-13 22:20:55 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\wups.dll
2015-04-13 22:20:54 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\system32\wups2.dll
2015-04-13 22:20:53 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-04-13 22:20:52 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-04-13 22:20:51 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-04-13 22:20:51 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-04-13 22:20:51 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-04-13 22:20:42 ----A---- C:\WINDOWS\system32\lsm.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-04-13 22:20:38 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\invagent.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\devinv.dll
2015-04-13 22:20:37 ----A---- C:\WINDOWS\system32\aepdu.dll

======List of files/folders modified in the last 1 month======

2015-05-08 09:06:44 ----D---- C:\WINDOWS\Prefetch
2015-05-08 09:06:43 ----D---- C:\Program Files\trend micro
2015-05-08 09:05:10 ----D---- C:\WINDOWS\Temp
2015-05-08 09:00:00 ----D---- C:\WINDOWS\system32\sru
2015-05-08 02:20:27 ----D---- C:\Users\Roman\AppData\Roaming\ClassicShell
2015-05-08 02:00:41 ----D---- C:\Program Files\SUPERAntiSpyware
2015-05-08 01:51:01 ----D---- C:\Program Files (x86)\Opera
2015-05-08 01:41:09 ----HD---- C:\Program Files\WindowsApps
2015-05-08 01:40:38 ----D---- C:\WINDOWS\AppReadiness
2015-05-08 01:37:48 ----D---- C:\WINDOWS\system32\config
2015-05-08 01:22:19 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-08 00:50:12 ----SHD---- C:\System Volume Information
2015-05-08 00:23:44 ----SHD---- C:\WINDOWS\Installer
2015-05-08 00:12:53 ----D---- C:\Windows
2015-05-08 00:03:31 ----D---- C:\WINDOWS\debug
2015-05-07 23:56:40 ----AD---- C:\ProgramData\TEMP
2015-05-07 23:52:31 ----D---- C:\WINDOWS\Inf
2015-05-07 23:49:21 ----D---- C:\Program Files (x86)\Common Files
2015-05-07 23:48:58 ----D---- C:\Program Files\Java
2015-05-07 23:48:50 ----RD---- C:\WINDOWS\System32
2015-05-07 23:48:50 ----D---- C:\WINDOWS\SysWOW64
2015-05-07 23:47:34 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-05-07 23:46:42 ----D---- C:\WINDOWS\rescache
2015-05-07 23:30:19 ----D---- C:\WINDOWS\WinSxS
2015-05-07 23:22:10 ----D---- C:\WINDOWS\system32\drivers
2015-05-07 23:22:06 ----RSD---- C:\WINDOWS\Fonts
2015-05-07 23:22:06 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-07 23:22:06 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-07 23:22:06 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-07 23:19:16 ----D---- C:\WINDOWS\CbsTemp
2015-05-07 23:18:05 ----D---- C:\WINDOWS\apppatch
2015-05-07 22:47:02 ----D---- C:\WINDOWS\system32\catroot2
2015-05-07 22:40:58 ----RD---- C:\Program Files
2015-05-07 22:24:53 ----D---- C:\Users\Roman\AppData\Roaming\PhotoFiltre Studio X
2015-05-07 22:24:48 ----D---- C:\WINDOWS\system32\wbem
2015-05-07 22:23:18 ----SD---- C:\WINDOWS\system32\CompatTel
2015-05-07 22:23:18 ----D---- C:\WINDOWS\Tasks
2015-05-07 22:23:18 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-05-07 22:23:18 ----D---- C:\WINDOWS\SYSWOW64\ras
2015-05-07 22:23:18 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-07 22:23:18 ----D---- C:\WINDOWS\system32\ras
2015-05-07 22:23:18 ----D---- C:\WINDOWS\system32\drivers\etc
2015-05-07 22:23:18 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-07 22:23:18 ----D---- C:\WINDOWS\PolicyDefinitions
2015-05-07 22:23:07 ----SD---- C:\WINDOWS\system32\GWX
2015-05-07 22:23:07 ----D---- C:\WINDOWS\system32\Tasks
2015-05-07 22:23:07 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-05-07 22:23:06 ----D---- C:\Users\Roman\AppData\Roaming\XnView
2015-05-07 22:23:06 ----D---- C:\Users\Roman\AppData\Roaming\vlc
2015-05-07 22:23:06 ----D---- C:\Users\Roman\AppData\Roaming\MyPhoneExplorer
2015-05-07 22:23:03 ----D---- C:\Program Files\CCleaner
2015-05-07 22:14:33 ----D---- C:\WINDOWS\registration
2015-05-07 22:13:52 ----D---- C:\WINDOWS\system32\wdi
2015-05-07 22:13:49 ----D---- C:\WINDOWS\system32\Sysprep
2015-05-07 22:13:29 ----D---- C:\WINDOWS\servicing
2015-05-07 22:11:54 ----D---- C:\ProgramData\Oracle
2015-05-07 22:11:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-26 22:17:28 ----D---- C:\WINDOWS\SoftwareDistribution
2015-04-15 19:49:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-15 12:46:09 ----RD---- C:\WINDOWS\assembly
2015-04-15 00:00:21 ----D---- C:\Program Files\Internet Explorer
2015-04-14 21:24:18 ----D---- C:\WINDOWS\system32\MRT
2015-04-14 21:22:18 ----A---- C:\WINDOWS\system32\MRT.exe
2015-04-14 21:22:13 ----D---- C:\ProgramData\Microsoft Help
2015-04-14 12:57:06 ----D---- C:\WINDOWS\AppCompat
2015-04-14 09:01:57 ----D---- C:\WINDOWS\system32\catroot
2015-04-14 01:24:21 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-04-13 22:21:53 ----D---- C:\WINDOWS\system32\appraiser
2015-04-12 13:15:09 ----D---- C:\Users\Roman\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-09-24 157016]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem64.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 VWiFiFlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 athur;@oem74.inf,%ATHR.Service.DispName%;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 MEIx64;@oem23.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 dg_ssudbus;@oem85.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem86.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WinUsb;@oem88.inf,%WinUSB_SvcDesc%;SAMSUNG Android USB Driver; C:\WINDOWS\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-12-18 2103096]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-07 268976]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
S4 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S4 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119650
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC after startup

#8 Post by Rudy »

I did not delete Metro; I don't know why it stopped working. With the restore, SkypeToolbar also came back (unnecessary). Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Slow PC after startup

#9 Post by Wepa »

The PC has improved, but it is not like it used to be. Today the PC restarted by itself and this message appeared: KERNEL_DATA_INPAGE_ERROR.


Re: Slow PC after startup

#10 Post by Rudy »

Open the directory c:\windows\minidump, pack its contents into a RAR archive and attach it to your next post.


Re: Slow PC after startup

#11 Post by Wepa »



Re: Slow PC after startup

#12 Post by Rudy »

Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and paste the log here via Úpravy > Kopírovat (Edit > Copy).


Re: Slow PC after startup

#13 Post by Wepa »

----------------------------------------------------------------------------
CrystalDiskInfo 6.3.1 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2015/05/11 15:22:52

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD5000AUDX-63WNHY0 ATA Device
+ ATA Channel 1 (1) [ATA]
- HL-DT-ST DVDRAM GH24NS95 ATA Device
+ ATA Channel 0 (0) [ATA]
- WDC WD5000AADS-00L4B1 ATA Device
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AUDX-63WNHY0 : 500,1 GB [0/0/0, pd1] - wd
(2) WDC WD5000AADS-00L4B1 : 500,1 GB [1/2/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AUDX-63WNHY0
----------------------------------------------------------------------------
Model : WDC WD5000AUDX-63WNHY0
Firmware : 01.01A01
Serial Number : WD-WMC1U7106230
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 7706 hod.
Power On Count : 2376 krát
Temperature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 137 134 _21 00000000101D Čas na roztočení ploten
04 _98 _98 __0 000000000960 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _90 _90 __0 000000001E1A Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000948 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000022 Počet vypnutí disku
C1 200 200 __0 00000000093D Počet cyklů načítání/vymazání
C2 115 107 __0 00000000001C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů


----------------------------------------------------------------------------
(2) WDC WD5000AADS-00L4B1
----------------------------------------------------------------------------
Model : WDC WD5000AADS-00L4B1
Firmware : 05.04C05
Serial Number : WD-WCAUH1573792
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 19202 hod.
Power On Count : 4281 krát
Temperature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 134 133 _21 00000000188B Čas na roztočení ploten
04 _91 _91 __0 00000000234C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _74 _74 __0 000000004B02 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 0000000010B9 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000068 Počet vypnutí disku
C1 197 197 __0 00000000234C Počet cyklů načítání/vymazání
C2 120 100 __0 00000000001B Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů



Re: Slow PC after startup

#14 Post by Wepa »

Can someone please advise me on this?


Re: Slow PC after startup

#15 Post by Rudy »

Both disks are OK. Try scanning the system disk with CheckDisk, and possibly defragmenting it.