PC sa zasekava

[Lestatos]

Dobry den, pred casom som pomocou vasich uzasných sluzieb, cistil svoj PC. Pomohlo to, ale problem je spat. Som zufaly, nemozem pracovat. PC sa zasekava, niekedy niekdy mozem mat spustene a Lightroom a Photoshop naraz a stiha a za 3 min zase nie je schopny otvorit jednoduchu zlozku. Je mozne ze moj probelm by bol hardware poskodeny? Nustale citim CCcleanerom, advcleanerom, rougekillerom. Chvilku to ide a zase to zacne blbnut. NOD nenajde tiez nic. Dakujem

Logfile of random's system information tool 1.10 (written by random/random)
Run by lestatos at 2015-05-14 10:47:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 20 GB (7%) free of 278 GB
Total RAM: 4003 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:47:23, on 14. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\lestatos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11608 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
taskeng.exe {59240F7D-903E-474E-B260-B251A262E8C3}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2444
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-870cacea-893e-40c0-9935-597ee16870f4 -SystemEventPortName:HostProcess-4ca420e6-c16b-4a1a-9926-0252c79616ec -IoCancelEventPortName:HostProcess-c103c112-c6b7-4f8f-ab30-f0d670825c88 -NonStateChangingEventPortName:HostProcess-4e44cd7d-ccaa-48b2-863d-7a72c59d0dfa -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3335b1fb-9680-449c-a854-95a38c1444d2 -DeviceGroupId:WpdFsGroup
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
taskeng.exe {C4112D35-1661-41CE-8B27-D6F66B79FF25}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2648.0.1662944727\880128511" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,19,42 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2372 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2648 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2648.2.1750694405\377552495" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2648 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2648.3.1731836085\1130799585" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2648 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2648.4.1710608795\82713363" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2648 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2648.5.976258856\1116252594" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultDisabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=2648 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2648.6.648188812\1991835444" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2648.7.1997606255\311205126" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Users\lestatos\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\lestatos\AppData\Roaming\Mozilla\Firefox\Profiles\6xw6lgmv.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-10 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-10 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-05-23 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-05-23 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-05-23 416024]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-23 11780712]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-26 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-06-14 1563440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QSign.lnk]
C:\PROGRA~2\Ardaco\QSign\zepapp.exe [2011-10-13 4970496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-05-23 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-14 03:16:41 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:16:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:09:36 ----A---- C:\Windows\system32\schannel.dll
2015-05-13 13:09:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-13 13:09:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 13:09:35 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 13:09:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-13 13:09:14 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-13 13:09:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-13 13:09:14 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 13:09:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 13:09:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 13:09:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-13 13:09:13 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-13 13:09:13 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 13:09:13 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 13:09:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-13 13:09:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 13:09:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-13 13:09:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 13:09:11 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-13 13:09:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-13 13:09:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-13 13:09:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-13 13:09:04 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 13:09:04 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 13:09:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-13 13:09:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-13 13:09:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-13 13:09:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 13:09:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-13 13:09:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-13 13:09:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-13 13:09:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-13 13:09:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 13:09:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 13:09:00 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 13:08:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-13 13:08:58 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 13:08:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 13:08:56 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 13:08:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 13:08:54 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 13:08:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-13 13:08:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-13 13:08:52 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 13:08:52 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 13:08:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-13 13:08:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 13:08:48 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 13:08:47 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 13:08:46 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 13:08:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 13:08:45 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 13:08:45 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 13:08:44 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 13:08:43 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 13:08:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 13:08:39 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 13:08:36 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 13:06:18 ----A---- C:\Windows\system32\services.exe
2015-05-13 13:06:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-13 13:06:01 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-13 13:05:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-13 13:05:58 ----A---- C:\Windows\system32\ntdll.dll
2015-05-13 13:05:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 13:05:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-13 13:05:55 ----A---- C:\Windows\system32\tdh.dll
2015-05-13 13:05:54 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-13 13:05:54 ----A---- C:\Windows\system32\advapi32.dll
2015-05-13 13:05:53 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-13 13:05:53 ----A---- C:\Windows\system32\kernel32.dll
2015-05-13 13:05:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-13 13:05:48 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-13 13:05:48 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-13 13:05:48 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-13 13:05:47 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-13 13:05:47 ----A---- C:\Windows\system32\wow64.dll
2015-05-13 13:05:47 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-13 13:05:47 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-13 13:05:46 ----A---- C:\Windows\system32\srcore.dll
2015-05-13 13:05:46 ----A---- C:\Windows\system32\sechost.dll
2015-05-13 13:05:46 ----A---- C:\Windows\system32\logman.exe
2015-05-13 13:05:46 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-13 13:05:46 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-13 13:05:45 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-13 13:05:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-13 13:05:45 ----A---- C:\Windows\system32\winsrv.dll
2015-05-13 13:05:45 ----A---- C:\Windows\system32\kerberos.dll
2015-05-13 13:05:45 ----A---- C:\Windows\system32\conhost.exe
2015-05-13 13:05:44 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-13 13:05:44 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-13 13:05:44 ----A---- C:\Windows\system32\rstrui.exe
2015-05-13 13:05:43 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-13 13:05:43 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-13 13:05:43 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-13 13:05:43 ----A---- C:\Windows\system32\wdigest.dll
2015-05-13 13:05:43 ----A---- C:\Windows\system32\typeperf.exe
2015-05-13 13:05:43 ----A---- C:\Windows\system32\smss.exe
2015-05-13 13:05:43 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-13 13:05:42 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-13 13:05:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-13 13:05:42 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-13 13:05:42 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-13 13:05:42 ----A---- C:\Windows\system32\sspicli.dll
2015-05-13 13:05:42 ----A---- C:\Windows\system32\relog.exe
2015-05-13 13:05:42 ----A---- C:\Windows\system32\lsass.exe
2015-05-13 13:05:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-13 13:05:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-13 13:05:41 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-13 13:05:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-13 13:05:41 ----A---- C:\Windows\system32\srclient.dll
2015-05-13 13:05:41 ----A---- C:\Windows\system32\diskperf.exe
2015-05-13 13:05:41 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-13 13:05:41 ----A---- C:\Windows\system32\auditpol.exe
2015-05-13 13:05:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-13 13:05:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-13 13:05:40 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-13 13:05:40 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-13 13:05:40 ----A---- C:\Windows\system32\wow64win.dll
2015-05-13 13:05:40 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-13 13:05:40 ----A---- C:\Windows\system32\secur32.dll
2015-05-13 13:05:40 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-13 13:05:40 ----A---- C:\Windows\system32\credssp.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:05:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:05:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-13 13:05:39 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:05:38 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:05:37 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:05:36 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:05:36 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-13 13:05:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:05:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:05:35 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:05:35 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:05:35 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-13 13:05:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-13 13:05:35 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-13 13:05:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-13 13:05:35 ----A---- C:\Windows\system32\msaudite.dll
2015-05-13 13:05:35 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-13 13:05:35 ----A---- C:\Windows\system32\adtschema.dll
2015-05-13 13:05:34 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-13 13:05:34 ----A---- C:\Windows\system32\msobjs.dll
2015-05-13 13:04:27 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 13:04:27 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 13:04:25 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 13:04:24 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 13:04:02 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 13:04:02 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 13:03:59 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 13:03:55 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 13:03:54 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 13:03:37 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 13:03:37 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 13:03:27 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 13:03:26 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 13:03:26 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 13:03:26 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 13:03:26 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 13:03:26 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-13 13:03:25 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-02 21:15:36 ----D---- C:\ProgramData\ArcSoft
2015-05-02 21:13:27 ----D---- C:\Program Files (x86)\ArcSoft
2015-05-02 21:11:52 ----D---- C:\Users\lestatos\AppData\Roaming\ArcSoft
2015-04-18 21:40:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-18 12:41:32 ----D---- C:\Users\lestatos\AppData\Roaming\Google Chrome Backup
2015-04-18 12:41:18 ----D---- C:\Program Files (x86)\Google Chrome Backup
2015-04-15 15:17:42 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-15 15:16:22 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-15 15:16:22 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-15 15:16:22 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-15 15:16:21 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-15 14:15:55 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 14:15:55 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 14:15:55 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 14:15:55 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 14:15:54 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wups.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:15:54 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:15:53 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 14:15:29 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 14:15:29 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 14:15:28 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 14:15:28 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 14:15:28 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 14:15:28 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 14:15:27 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 14:15:26 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 14:15:22 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 14:15:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 14:15:16 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 14:15:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 14:15:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 14:15:15 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 14:06:56 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 14:06:53 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 14:06:53 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 14:06:53 ----A---- C:\Windows\system32\clfs.sys

======List of files/folders modified in the last 1 month======

2015-05-14 10:47:23 ----D---- C:\Windows\Temp
2015-05-14 10:47:17 ----D---- C:\Program Files\trend micro
2015-05-14 10:47:14 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-14 10:46:27 ----D---- C:\Users\lestatos\AppData\Roaming\Skype
2015-05-14 10:33:34 ----D---- C:\Windows\system32\config
2015-05-14 09:22:44 ----D---- C:\Windows\Microsoft.NET
2015-05-14 08:44:21 ----RSD---- C:\Windows\assembly
2015-05-14 04:00:02 ----D---- C:\Windows\System32
2015-05-14 04:00:02 ----D---- C:\Windows\inf
2015-05-14 04:00:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-14 03:54:33 ----D---- C:\Windows\SysWOW64
2015-05-14 03:54:26 ----D---- C:\Windows\winsxs
2015-05-14 03:50:52 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-14 03:50:52 ----D---- C:\Windows\system32\en-US
2015-05-14 03:50:52 ----D---- C:\Program Files\Internet Explorer
2015-05-14 03:50:51 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-14 03:50:48 ----D---- C:\Windows\system32\drivers
2015-05-14 03:50:48 ----D---- C:\Windows\AppPatch
2015-05-14 03:50:47 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-14 03:50:47 ----D---- C:\Program Files\Windows Journal
2015-05-14 03:50:44 ----D---- C:\Windows\system32\DriverStore
2015-05-14 03:50:43 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-14 03:44:34 ----SHD---- C:\Windows\Installer
2015-05-14 03:44:03 ----D---- C:\ProgramData\Microsoft Help
2015-05-14 03:24:29 ----D---- C:\Windows\system32\MRT
2015-05-14 03:24:27 ----D---- C:\Windows\debug
2015-05-14 03:24:26 ----A---- C:\Windows\system32\MRT.exe
2015-05-14 03:13:28 ----SHD---- C:\System Volume Information
2015-05-13 22:21:09 ----AD---- C:\Windows
2015-05-13 12:59:47 ----D---- C:\Windows\system32\catroot2
2015-05-13 09:17:25 ----D---- C:\Users\lestatos\AppData\Roaming\vlc
2015-05-12 13:09:18 ----D---- C:\Windows\Prefetch
2015-05-12 06:10:44 ----D---- C:\AdwCleaner
2015-05-11 22:02:26 ----D---- C:\Users\lestatos\AppData\Roaming\uTorrent
2015-05-11 02:32:17 ----D---- C:\torrents
2015-05-10 20:16:06 ----D---- C:\Program Files (x86)\PokerStars
2015-05-02 21:24:07 ----D---- C:\Users\lestatos\AppData\Roaming\NVIDIA
2015-05-02 21:15:36 ----HD---- C:\ProgramData
2015-05-02 21:13:27 ----D---- C:\Program Files (x86)
2015-05-02 21:13:24 ----D---- C:\Program Files (x86)\Common Files
2015-05-02 21:13:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-29 04:21:16 ----D---- C:\ProgramData\Skype
2015-04-29 04:21:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-21 03:51:37 ----D---- C:\Windows\rescache
2015-04-21 03:50:18 ----D---- C:\Windows\AppCompat
2015-04-19 12:47:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-19 11:44:42 ----SD---- C:\Users\lestatos\AppData\Roaming\Microsoft
2015-04-18 11:38:21 ----D---- C:\Program Files\RogueKiller
2015-04-17 03:20:23 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-17 03:20:22 ----SD---- C:\Windows\system32\CompatTel
2015-04-17 03:20:22 ----D---- C:\Windows\system32\sk-SK
2015-04-17 03:20:22 ----D---- C:\Windows\system32\appraiser
2015-04-16 09:19:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 08:47:45 ----A---- C:\Windows\win.ini
2015-04-15 22:45:45 ----D---- C:\Windows\Web

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-05-23 12228128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-23 2795880]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-05-23 317440]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2014-05-23 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2014-05-23 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2014-03-06 11527888]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-05-23 311400]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 34816]
S3 A38CCID;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2014-11-13 62976]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-05-12 136408]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-09-16 39528]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-05-23 326168]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2013-11-22 70768]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-05-23 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-05-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-18 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-24 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Vidim tam MBAM. Udelejte novou kontrolu. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Lestatos]

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2015/05/14 11:20:22

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD5000BEKT-22KA9T0 ATA Device
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW TS-L633F ATA Device
+ Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C03 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BEKT-22KA9T0 : 500,1 GB [0/0/0, pd1]
(2) WDC WD5000AAVS-00G9B0 : 500,1 GB [2/X/X, sa1] (V=1058, P=1100)

----------------------------------------------------------------------------
(1) WDC WD5000BEKT-22KA9T0
----------------------------------------------------------------------------
Model : WDC WD5000BEKT-22KA9T0
Firmware : 01.01A01
Serial Number : WD-WXB1A41M4850
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 23161 hours
Power On Count : 2314 count
Temparature : 49 C (120 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 00000000000C Read Error Rate
03 180 177 _21 0000000007C7 Spin-Up Time
04 _98 _98 __0 00000000090C Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 100 253 __0 000000000000 Seek Error Rate
09 _69 _69 __0 000000005A79 Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _98 _98 __0 00000000090A Power Cycle Count
BF __1 __1 __0 000000001BAF G-Sense Error Rate
C0 200 200 __0 000000000165 Power-off Retract Count
C1 157 157 __0 00000001F821 Load/Unload Cycle Count
C2 _98 _78 __0 000000000031 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4134 4134 314D 3438 3530
020: 0000 8000 0032 3031 2E30 3031 3031 5744 4320 5744
030: 3530 3030 4245 4B54 2D32 4139 4139 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F06 1F06 0000 004C 0048
080: 01FE 0000 746B 7F09 6163 BC09 BC09 6163 207F 0035
090: 0035 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 5B3F 99C4 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 011E 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 7035 7035 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 2BA5

----------------------------------------------------------------------------
(2) WDC WD5000AAVS-00G9B0
----------------------------------------------------------------------------
Enclosure : WD 5000AAV External USB Device (V=1058, P=1100, sa1)
Model : WDC WD5000AAVS-00G9B0
Firmware : 05.04C05
Serial Number : WD-WCAUF0366054
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Unknown
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 7431 hours
Power On Count : 168 count
Temparature : 37 C (98 F)
Health Status : Good
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 152 130 _21 00000000150F Spin-Up Time
04 _98 _98 __0 000000000A91 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 100 253 _51 000000000000 Seek Error Rate
09 _90 _90 __0 000000001D07 Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 _51 000000000000 Recalibration Retries
0C 100 100 __0 0000000000A8 Power Cycle Count
C0 200 200 __0 000000000009 Power-off Retract Count
C1 200 200 __0 000000000A90 Load/Unload Cycle Count
C2 110 _91 __0 000000000025 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 200 200 _51 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4630 4630 3336 3630 3534
020: 0000 4000 0032 3035 2E30 3035 3035 5744 4320 5744
030: 3530 3030 4141 5653 2D30 3942 3942 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 BE41 BE41 4123 007F 004B
090: 004B 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 01DA 1428 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 16BA 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4FA5

[Lestatos]

# AdwCleaner v4.204 - Log vytvorený 14/05/2015 at 11:24:23
# Aktualizované 12/05/2015 by Xplode
# Databáza : 2015-05-12.2 [Server]
# Operačný systém : Windows 7 Professional Service Pack 1 (x64)
# Uživateľské meno : lestatos - LESTATOS-PC
# Spustené z : C:\Users\lestatos\Desktop\adwcleaner_4.204.exe
# Nastavenia : Čistenie

***** [ Služby ] *****


***** [ Súbory / Priečinky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****


***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v37.0.1 (x86 sk)


-\\ Google Chrome v42.0.2311.152


*************************

AdwCleaner[R0].txt - [15686 bajtov] - [08/04/2014 18:44:48]
AdwCleaner[R10].txt - [1880 bajtov] - [25/10/2014 16:57:40]
AdwCleaner[R11].txt - [3338 bajtov] - [11/04/2015 11:59:54]
AdwCleaner[R12].txt - [2158 bajtov] - [11/04/2015 17:49:15]
AdwCleaner[R13].txt - [2219 bajtov] - [13/04/2015 21:02:26]
AdwCleaner[R14].txt - [2341 bajtov] - [14/04/2015 17:08:09]
AdwCleaner[R15].txt - [2402 bajtov] - [17/04/2015 14:19:55]
AdwCleaner[R16].txt - [2525 bajtov] - [22/04/2015 09:20:17]
AdwCleaner[R17].txt - [2749 bajtov] - [26/04/2015 21:15:55]
AdwCleaner[R18].txt - [3056 bajtov] - [02/05/2015 08:59:37]
AdwCleaner[R19].txt - [2832 bajtov] - [06/05/2015 11:31:03]
AdwCleaner[R1].txt - [3319 bajtov] - [09/04/2014 12:09:44]
AdwCleaner[R20].txt - [2946 bajtov] - [12/05/2015 06:08:07]
AdwCleaner[R21].txt - [3015 bajtov] - [14/05/2015 11:22:40]
AdwCleaner[R2].txt - [4168 bajtov] - [11/04/2014 06:05:37]
AdwCleaner[R3].txt - [3956 bajtov] - [12/04/2014 14:37:27]
AdwCleaner[R4].txt - [1769 bajtov] - [14/04/2014 19:17:40]
AdwCleaner[R5].txt - [3774 bajtov] - [18/04/2014 17:13:01]
AdwCleaner[R6].txt - [3836 bajtov] - [24/04/2014 11:06:20]
AdwCleaner[R7].txt - [1795 bajtov] - [10/10/2014 11:12:11]
AdwCleaner[R8].txt - [1908 bajtov] - [22/10/2014 12:26:24]
AdwCleaner[R9].txt - [1759 bajtov] - [23/10/2014 13:35:27]
AdwCleaner[S0].txt - [15369 bajtov] - [08/04/2014 18:46:02]
AdwCleaner[S10].txt - [2282 bajtov] - [13/04/2015 21:05:56]
AdwCleaner[S11].txt - [2464 bajtov] - [17/04/2015 14:23:34]
AdwCleaner[S12].txt - [2727 bajtov] - [26/04/2015 21:23:55]
AdwCleaner[S13].txt - [3118 bajtov] - [02/05/2015 09:02:30]
AdwCleaner[S14].txt - [2894 bajtov] - [06/05/2015 11:34:05]
AdwCleaner[S15].txt - [2394 bajtov] - [14/05/2015 11:24:23]
AdwCleaner[S1].txt - [3225 bajtov] - [09/04/2014 12:13:03]
AdwCleaner[S2].txt - [4215 bajtov] - [11/04/2014 06:06:41]
AdwCleaner[S3].txt - [4040 bajtov] - [12/04/2014 14:38:28]
AdwCleaner[S4].txt - [3282 bajtov] - [14/04/2014 19:18:51]
AdwCleaner[S5].txt - [3904 bajtov] - [18/04/2014 17:14:27]
AdwCleaner[S6].txt - [4279 bajtov] - [24/04/2014 11:07:33]
AdwCleaner[S7].txt - [1813 bajtov] - [23/10/2014 13:37:48]
AdwCleaner[S8].txt - [1934 bajtov] - [25/10/2014 17:10:12]
AdwCleaner[S9].txt - [3345 bajtov] - [11/04/2015 12:02:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S15].txt - [2995 bajtov] ##########

[Márty84]

Fajn, toto je v poradku. Uvidime co MBAM a podle toho se zaridime dale.

[Lestatos]

trvalo to 8 hodin ale je to tu :

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum skenovania: 14. 5. 2015
Scan ??as: 11:31:01
Logfile: maleware.txt
Správca: áno

Verzia: 2.01.6.1022
Malware databázy: v2015.05.14.01
Rootkit databázy: v2015.04.21.01
Licencia: Zadarmo
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne

OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používateľ: lestatos

Typ skenu: Prispôsobená kontrola
Výsledok: Dokon??ené
Objekty naskenované: 1033033
Uplynulý ??as: 8 hr, 26 min 17 sekúnd

Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené

Procesy: 0
(Žiadne zákernej položky neboli zistené)

Moduly: 0
(Žiadne zákernej položky neboli zistené)

Kľú??e databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Prie??inky: 0
(Žiadne zákernej položky neboli zistené)

Súbory: 15
PUP.Optional.OpenCandy, C:\FRST\Quarantine\C\Users\robert\DTLite4453-0297.exe.xBAD, , [dbae751e4c3e6dc9a36bef53e81e60a0],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, , [5b2e1c77c7c39d99ca5614cb837fb54b],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe, , [2c5ddfb4d1b9d660246921b3cb356c94],
PUP.RiskwareTool.CK, C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe.BAK, , [4b3e2d66fc8ed75f533ae5efd52b956b],
CrackTool.Agent, C:\torrents\Google Earth PRO 7.1.1.1888 Final (CZ)\Patch-MPT\google.earth.free2pro.patch-MPT.exe, , [2366b0e31179a4927bdaafa416eb37c9],
CrackTool.Agent, C:\torrents\Google Earth PRO 7.1.2.2019 Final (Patch-MPT) [ChingLiu]\Patch-MPT\google.earth.free2pro.patch-MPT.exe, , [1673078cdfab88aebe97aca7b15050b0],
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [b7d2088b7c0ed264b240605d0ff67987],
PUP.Keygen.Intro, C:\Windows.old\Program Files\Adobe Acrobat XI Pro 11.0.4 Multilingual + Keygen + Update\Adobe Acrobat XI Pro 11.0.4\~Get Your Software Here\Keygen\CORE10k.EXE, , [2a5fccc73654b284be1eefbc33d2ca36],
Trojan.Agent, C:\Windows.old\Program Files\Adobe Acrobat XI Pro 11.0.4 Multilingual + Keygen + Update\Adobe Acrobat XI Pro 11.0.4\~Get Your Software Here\Keygen\keygen.exe, , [5a2fc3d06921ff371e3edff058adcf31],
PUP.Keygen.Intro, C:\Windows.old\Program Files\Adobe Acrobat XI Pro 11.0.4 Multilingual + Keygen + Update\Adobe Acrobat XI Pro 11.0.4\~Get Your Software Here\Keygen\keygen.rar, , [5534bfd42565ad89607c367541c411ef],
PUP.RiskwareTool.CK, C:\Windows.old\Program Files\Adobe Acrobat XI Pro 11.0.4 Multilingual + Keygen + Update\Adobe Acrobat XI Pro 11.0.4\~Get Your Software Here\Keygen\xf-mccs6.exe, , [0584771c9befea4c6da45491ff0159a7],
Adware.Vomba, G:\Nase zivoty\disk J\stare C\Documents and Settings\My Documents\Downloads\Programs\daemon410-x86.exe, , [ddac0291b4d601359ee7051fbb4bb24e],
Adware.Vomba, G:\Nase zivoty\disk J\stare C\Documents and Settings\My Documents\Downloads\Programs\daemon410-x86_2.exe, , [bacf6d263a503ef8790cc55f9175768a],
RiskWare.Tool.HCK, G:\Nase zivoty\disk J\stare C\Desktop\Rapid\keymaker.exe, , [8405a4efbbcf7cba1d67b913b74ba15f],
RiskWare.Tool.HCK, G:\Nase zivoty\disk J\stare C\Desktop\Rapid\keymaker.rar, , [87028a09e6a4b3836c185874847e59a7],

Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)


(end)

[Márty84]

Ten system asi moc legalni nebude, ze?

[Lestatos]

Ak myslite windows, tak som mal windows 7 v notebooku, ked som ho kupil. Mam stale na notebooku nalepku aj cislo, ale je pravda, ze som dal reinstalovat windows asi pred rokom. Ale este raz, ja som licenciu na W7 kupil spolu s notebookum.

[Márty84]

Preinstalace windowsu by nevadila. Stacilo k aktivaci pouzit kod z nalepky. To jste (ten kdo to preinstalovaval) ale neudelal, k aktivaci byl pouzit nelegalni aktivator.

A pravidla fora bohuzel hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

21.6. http://forum.viry.cz/viewtopic.php?f=12&t=123975