Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomaly start PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
sparcosk
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 pro 2010 21:04

Pomaly start PC

#1 Příspěvek od sparcosk »

Zdravim ,prosim o kontrolu logu. Po zapnuti trva velmi dlhu dobu kym win nacita . Dakujem

Logfile of random's system information tool 1.08 (written by random/random)
Run by sparcosk at 2017-05-27 11:03:59
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (1%) free of 430 GB
Total RAM: 3325 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:04:02, on 27.5.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Razer\Lycosa\razertra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
C:\Program Files\Sony\Content Manager Assistant\CMA.exe
C:\Program Files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe
C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Documents and Settings\sparcosk\Desktop\RSIT.exe
C:\Program Files\trend micro\sparcosk.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [scheduler_monitor] C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6C334189-2DA3-4D67-B0D9-EF7A95BE73F5} (UDROCX_RT Control) - http://88.212.45.152:1999/UDROCX_RT.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 13203 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1220945662-1004336348-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1220945662-1004336348-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-15 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2017-05-17 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2017-05-17 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2017-05-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-01-30 281760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2013-07-24 84576]
"Lycosa"=C:\Program Files\Razer\Lycosa\razerhid.exe [2007-11-20 147456]
"Diamondback"=C:\Program Files\Razer\Diamondback 3G\razerhid.exe [2007-08-01 147456]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-12-14 47904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-03-20 60712]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-10-25 421888]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-11-15 296096]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 5078504]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-05-12 15677728]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-05-12 2562848]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-07 157480]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2017-05-17 136600]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 169984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536]
"scheduler_monitor"=C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe [2007-06-15 27136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPLTarget\P0000000000000000"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE [2012-02-29 249440]
"AdobeBridge"= []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Olympus ib]
C:\Program Files\Olympus\ib\olycamdetect.exe [2009-10-30 93376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CineForm Status.lnk]
C:\PROGRA~1\CineForm\Tools\GOPROC~1.EXE [2013-09-05 144384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation(R).lnk]
C:\PROGRA~1\Sony\CONTEN~1\CMA.exe [2014-03-04 3576440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GoPro Importer.lnk]
C:\Program Files\GoPro\Tools\Importer\GoPro Importer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MotionSD STUDIO - SD Browser auto start -.lnk]
C:\PROGRA~1\PANASO~1\MOTION~1\SD_BRO~1\AUTOLA~1.EXE [2007-08-31 66952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\HRY\Guitar.Hero.3-Legends.of.Rock\GH3.exe"="E:\HRY\Guitar.Hero.3-Legends.of.Rock\GH3.exe:*:Disabled:Guitar Hero III"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Documents and Settings\sparcosk\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\sparcosk\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe"="C:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2"
"E:\HRY\PES 2011\pes2011.exe"="E:\HRY\PES 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\StrongDC\StrongDC.exe"="C:\StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\PFPortChecker\PFPortChecker.exe"="C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded."
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"E:\Docasne\CryptLoad_1.1.8\RouterClient.exe"="E:\Docasne\CryptLoad_1.1.8\RouterClient.exe:*:Disabled:RouterClient"
"C:\Program Files\PS3 Media Server\PMS.exe"="C:\Program Files\PS3 Media Server\PMS.exe:192.168.0.103/255.255.255.255:Enabled:PS3 Media Server"
"F:\crysis2(5620)_01_13\Bin32\Crysis2.exe"="F:\crysis2(5620)_01_13\Bin32\Crysis2.exe:*:Enabled:Crysis2"
"C:\Program Files\Atari\TDU2\TestDrive2.exe"="C:\Program Files\Atari\TDU2\TestDrive2.exe:*:Disabled:Test Drive Unlimited 2"
"C:\Program Files\Atari\TDU2\UpLauncher.exe"="C:\Program Files\Atari\TDU2\UpLauncher.exe:*:Disabled:UpLauncher"
"C:\Program Files\Atari\TDU2\_UpLauncher.exe"="C:\Program Files\Atari\TDU2\_UpLauncher.exe:*:Disabled:UpLauncher"
"G:\Hry\Floorball League\FBL.exe"="G:\Hry\Floorball League\FBL.exe:*:Enabled:FBL"
"G:\Hry\PES2011\pes2011.exe"="G:\Hry\PES2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"G:\Hry\Dirt3\dirt3_game.exe"="G:\Hry\Dirt3\dirt3_game.exe:*:Enabled:DiRT 3"
"C:\Program Files\Steam\steamapps\banan222\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\banan222\team fortress 2\hl2.exe:*:Enabled:hl2"
"G:\Hry\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe"="G:\Hry\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe:*:Enabled:Bulletstorm"
"G:\Hry\BBC2\BFBC2Updater.exe"="G:\Hry\BBC2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB.exe"
"C:\Program Files\Origin Games\Medal of Honor\MP\MoHMPGame.exe"="C:\Program Files\Origin Games\Medal of Honor\MP\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"G:\Hry\Call of Juarez The Cartel\CoJ_TheCartel.exe"="G:\Hry\Call of Juarez The Cartel\CoJ_TheCartel.exe:*:Enabled:Call of Juarez®: The Cartel"
"C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe"="C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer"
"C:\Program Files\Origin Games\Battlefield Bad Company 2 Digital Deluxe Edition\BFBC2Game.exe"="C:\Program Files\Origin Games\Battlefield Bad Company 2 Digital Deluxe Edition\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"G:\Hry\Dead Island\deadislandgame.exe"="G:\Hry\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland"
"G:\Hry\PES 2012\pes2012.exe"="G:\Hry\PES 2012\pes2012.exe:*:Enabled:Pro Evolution Soccer 2012"
"G:\Hry\FIFA 12\Game\fifa.exe"="G:\Hry\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Hry\Saints Row The Third\saintsrowthethird.exe"="G:\Hry\Saints Row The Third\saintsrowthethird.exe:*:Enabled:Saints Row: the Third"
"G:\Hry\Virtua Tennis 4\VT4.exe"="G:\Hry\Virtua Tennis 4\VT4.exe:*:Enabled:Virtua Tennis 4™"
"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe"="C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe:*:Enabled:Blizzard Agent"
"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.868\Agent.exe"="C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.868\Agent.exe:*:Enabled:Blizzard Agent"
"G:\Hry\Diablo 3 beta\Diablo III Beta\Diablo III.exe"="G:\Hry\Diablo 3 beta\Diablo III Beta\Diablo III.exe:*:Enabled:Diablo III Beta"
"C:\Documents and Settings\sparcosk\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\sparcosk\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Steam\steamapps\common\deus ex - human revolution\dxhr.exe"="C:\Program Files\Steam\steamapps\common\deus ex - human revolution\dxhr.exe:*:Enabled:Deus Ex: Human Revolution"
"E:\HRY\GTA IV PC Version\Grand Theft Auto IV\GTAIV.exe"="E:\HRY\GTA IV PC Version\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Hry\Grand Theft Auto IV\LaunchGTAIV.exe"="G:\Hry\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Hry\Grand Theft Auto IV\GTAIV.exe"="G:\Hry\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Hry\Grand Theft Auto IV\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe"="G:\Hry\Grand Theft Auto IV\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe:*:Enabled:Grand Theft Auto IV - Episodes From Liberty City"
"G:\Hry\Battlefield 1942\BF1942.exe"="G:\Hry\Battlefield 1942\BF1942.exe:*:Enabled:Battlefield 1942™"
"C:\Program Files\Steam\steamapps\common\mafia ii\pc\mafia2.exe"="C:\Program Files\Steam\steamapps\common\mafia ii\pc\mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe"="C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe:*:Enabled:Metro 2033"
"C:\Documents and Settings\sparcosk\Local Settings\temp\EPSON SX235 Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe"="C:\Documents and Settings\sparcosk\Local Settings\temp\EPSON SX235 Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe:*:Enabled:EpsonNet Setup"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"E:\Games\World_of_Warplanes\WorldOfWarplanes.exe"="E:\Games\World_of_Warplanes\WorldOfWarplanes.exe:*:Enabled:World of Warplanes"
"G:\Hry\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe"="G:\Hry\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe:*:Enabled:csgo"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\launcher.exe"="C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\launcher.exe:*:Enabled:Shadow Warrior Classic (1997)"
"C:\Program Files\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe"="C:\Program Files\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe:*:Enabled:Medal of Honor(TM) Single Player"
"C:\Program Files\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe"="C:\Program Files\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe:*:Enabled:Medal of Honor(TM) Multiplayer"
"C:\Program Files\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm"="C:\Program Files\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Medal of Honor(TM) Multiplayer"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Games\World_of_Warplanes\WOWpLauncher.exe"="E:\Games\World_of_Warplanes\WOWpLauncher.exe:*:Enabled:World of Warplanes Launcher"
"C:\Program Files\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\PS3 Media Server\jre\bin\javaw.exe"="C:\Program Files\PS3 Media Server\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe"="G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe:*:Enabled:Sniper Elite V2"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Steam\steamapps\banan222\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\banan222\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe"="G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe:*:Enabled:Sniper Elite V2"
"C:\Program Files\Steam\steamapps\common\Half-Life\hl.exe"="C:\Program Files\Steam\steamapps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\DOSBox.exe"="C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\DOSBox.exe:*:Enabled:Shadow Warrior Classic (1997)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

======File associations======

.reg - open - "regedit.exe" "%1"
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2017-05-27 10:10:14 ----SD---- C:\ComboFix
2017-05-27 09:50:33 ----D---- C:\WINDOWS\pss
2017-05-17 20:17:21 ----A---- C:\WINDOWS\system32\javaw.exe
2017-05-17 20:17:21 ----A---- C:\WINDOWS\system32\java.exe
2017-05-17 20:17:21 ----A---- C:\WINDOWS\system32\deploytk.dll
2017-05-14 21:09:09 ----D---- C:\Documents and Settings\All Users\Application Data\Oracle
2017-05-14 20:49:55 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2017-05-27 11:04:00 ----D---- C:\Program Files\Trend Micro
2017-05-27 10:10:15 ----AD---- C:\Qoobox
2017-05-27 09:57:48 ----D---- C:\Program Files\Steam
2017-05-27 09:54:12 ----SH---- C:\boot.ini
2017-05-27 09:54:12 ----A---- C:\WINDOWS\win.ini
2017-05-27 09:54:12 ----A---- C:\WINDOWS\system.ini
2017-05-27 09:50:33 ----D---- C:\WINDOWS
2017-05-27 09:28:48 ----D---- C:\WINDOWS\system32\CatRoot2
2017-05-27 09:28:47 ----D---- C:\WINDOWS\system32\Macromed
2017-05-27 09:15:28 ----D---- C:\WINDOWS\temp
2017-05-26 22:48:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-05-26 15:13:38 ----D---- C:\Config.Msi
2017-05-26 15:13:35 ----SHD---- C:\WINDOWS\Installer
2017-05-26 15:13:33 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2017-05-26 15:05:48 ----SD---- C:\WINDOWS\Tasks
2017-05-17 20:17:21 ----D---- C:\WINDOWS\system32
2017-05-17 20:17:12 ----A---- C:\WINDOWS\system32\javaws.exe
2017-05-17 20:17:09 ----D---- C:\Program Files\Java
2017-05-17 19:47:26 ----D---- C:\Documents and Settings\sparcosk\Application Data\vlc
2017-05-17 17:53:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-05-14 21:53:06 ----D---- C:\Program Files\Common Files
2017-05-14 21:31:06 ----D---- C:\Program Files
2017-05-12 20:59:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2008-11-04 83296]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-12-13 243128]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-01-10 161368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2013-01-10 105784]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ntiomin;ntiomin; C:\WINDOWS\system32\drivers\ntiomin.sys [2010-01-03 11392]
R1 ntiopnp;ntiopnp; C:\WINDOWS\system32\drivers\ntiopnp.sys [2010-01-03 12800]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 LycoFltr;Lycosa Keyboard; C:\WINDOWS\System32\Drivers\Lycosa.sys [2008-01-18 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-05-12 10967200]
R3 Razerlow;Diamondback 3G USB Filter Driver; C:\WINDOWS\System32\Drivers\DB3G.sys [2005-04-24 13225]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-01-16 65024]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2014-08-16 45056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2006-12-28 122512]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 CPUCooLServer;CPUCooLServer Service; C:\Program Files\CPUCooL\CooLSrv.exe [2010-01-03 118784]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-05-12 156960]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-08-18 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2013-08-18 218496]
R2 TVersityMediaServer;TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [2010-01-19 884736]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-07 540968]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 60744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-03-21 1341664]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2017-05-17 147456]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-27 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-08-15 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-14 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rcp_service;ReaConverter scheduler service; C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe [2007-11-30 558592]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119670
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomaly start PC

#2 Příspěvek od Rudy »

Zdravím!
Máte málo volného místa na systémovém disku. Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
sparcosk
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 pro 2010 21:04

Re: Pomaly start PC

#3 Příspěvek od sparcosk »

# AdwCleaner v6.047 - Logfile created 27/05/2017 at 13:19:30
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-19.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (X86)
# Username : sparcosk - SPARCO
# Running from : E:\Docasne\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Documents and Settings\All Users\Application Data\Tarma Installer
[-] Folder deleted: C:\Documents and Settings\All Users\Application Data\ReviverSoft
[-] Folder deleted: C:\Documents and Settings\All Users\Start Menu\Programs\ReviverSoft
[-] Folder deleted: C:\Program Files\ReviverSoft


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\Toolbar.CT2786678
[-] Key deleted: HKLM\SOFTWARE\Classes\AskIBar.PopSwatterBarButton
[-] Key deleted: HKLM\SOFTWARE\Classes\AskIBar.PopSwatterBarButton.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AskIBar.PopSwatterSettingsControl
[-] Key deleted: HKLM\SOFTWARE\Classes\AskIBar.PopSwatterSettingsControl.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{528B5866-2BA6-42CE-8F74-39FB23B49767}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
[-] Key deleted: HKU\S-1-5-21-1220945662-1004336348-725345543-1004\Software\YahooPartnerToolbar
[-] Key deleted: HKU\S-1-5-21-1220945662-1004336348-725345543-1004\Software\AppDataLow\AskBarDis
[#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\AskBarDis
[-] Key deleted: HKLM\SOFTWARE\AskBarDis
[-] Key deleted: HKLM\SOFTWARE\Conduit
[-] Key deleted: HKLM\SOFTWARE\Tarma Installer
[-] Key deleted: HKLM\SOFTWARE\DeviceVM Inc.
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\registry Reviver
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\registry Reviver
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Value deleted: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3948 Bytes] - [27/05/2017 13:19:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [4038 Bytes] - [27/05/2017 13:13:08]
C:\AdwCleaner\AdwCleaner[S1].txt - [4111 Bytes] - [27/05/2017 13:19:03]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4167 Bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119670
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomaly start PC

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
sparcosk
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 14 pro 2010 21:04

Re: Pomaly start PC

#5 Příspěvek od sparcosk »

Logfile of random's system information tool 1.08 (written by random/random)
Run by sparcosk at 2017-05-27 20:02:17
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (2%) free of 430 GB
Total RAM: 3325 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:24, on 27.5.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CPUCooL\CooLSrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\Program Files\Razer\Lycosa\razertra.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sparcosk\Desktop\RSIT.exe
C:\Program Files\trend micro\sparcosk.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [scheduler_monitor] C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-21-1220945662-1004336348-725345543-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6C334189-2DA3-4D67-B0D9-EF7A95BE73F5} (UDROCX_RT Control) - http://88.212.45.152:1999/UDROCX_RT.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - C:\Program Files\CPUCooL\CooLSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 12861 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1220945662-1004336348-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1220945662-1004336348-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-15 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2017-05-17 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2017-05-17 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2017-05-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-01-30 281760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2013-07-24 84576]
"Lycosa"=C:\Program Files\Razer\Lycosa\razerhid.exe [2007-11-20 147456]
"Diamondback"=C:\Program Files\Razer\Diamondback 3G\razerhid.exe [2007-08-01 147456]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-12-14 47904]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-03-20 60712]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-10-25 421888]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-11-15 296096]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 5078504]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-05-12 15677728]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-05-12 2562848]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-07 157480]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2017-05-17 136600]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 169984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536]
"scheduler_monitor"=C:\Program Files\ReaConverter 5.5 Pro\init_scheduler.exe [2007-06-15 27136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AdobeBridge"= []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Olympus ib]
C:\Program Files\Olympus\ib\olycamdetect.exe [2009-10-30 93376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CineForm Status.lnk]
C:\PROGRA~1\CineForm\Tools\GOPROC~1.EXE [2013-09-05 144384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation(R).lnk]
C:\PROGRA~1\Sony\CONTEN~1\CMA.exe [2014-03-04 3576440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GoPro Importer.lnk]
C:\Program Files\GoPro\Tools\Importer\GoPro Importer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MotionSD STUDIO - SD Browser auto start -.lnk]
C:\PROGRA~1\PANASO~1\MOTION~1\SD_BRO~1\AUTOLA~1.EXE [2007-08-31 66952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\HRY\Guitar.Hero.3-Legends.of.Rock\GH3.exe"="E:\HRY\Guitar.Hero.3-Legends.of.Rock\GH3.exe:*:Disabled:Guitar Hero III"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Documents and Settings\sparcosk\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\sparcosk\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe"="C:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2"
"E:\HRY\PES 2011\pes2011.exe"="E:\HRY\PES 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\StrongDC\StrongDC.exe"="C:\StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\PFPortChecker\PFPortChecker.exe"="C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded."
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"E:\Docasne\CryptLoad_1.1.8\RouterClient.exe"="E:\Docasne\CryptLoad_1.1.8\RouterClient.exe:*:Disabled:RouterClient"
"C:\Program Files\PS3 Media Server\PMS.exe"="C:\Program Files\PS3 Media Server\PMS.exe:192.168.0.103/255.255.255.255:Enabled:PS3 Media Server"
"F:\crysis2(5620)_01_13\Bin32\Crysis2.exe"="F:\crysis2(5620)_01_13\Bin32\Crysis2.exe:*:Enabled:Crysis2"
"C:\Program Files\Atari\TDU2\TestDrive2.exe"="C:\Program Files\Atari\TDU2\TestDrive2.exe:*:Disabled:Test Drive Unlimited 2"
"C:\Program Files\Atari\TDU2\UpLauncher.exe"="C:\Program Files\Atari\TDU2\UpLauncher.exe:*:Disabled:UpLauncher"
"C:\Program Files\Atari\TDU2\_UpLauncher.exe"="C:\Program Files\Atari\TDU2\_UpLauncher.exe:*:Disabled:UpLauncher"
"G:\Hry\Floorball League\FBL.exe"="G:\Hry\Floorball League\FBL.exe:*:Enabled:FBL"
"G:\Hry\PES2011\pes2011.exe"="G:\Hry\PES2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"G:\Hry\Dirt3\dirt3_game.exe"="G:\Hry\Dirt3\dirt3_game.exe:*:Enabled:DiRT 3"
"C:\Program Files\Steam\steamapps\banan222\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\banan222\team fortress 2\hl2.exe:*:Enabled:hl2"
"G:\Hry\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe"="G:\Hry\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe:*:Enabled:Bulletstorm"
"G:\Hry\BBC2\BFBC2Updater.exe"="G:\Hry\BBC2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB.exe"
"C:\Program Files\Origin Games\Medal of Honor\MP\MoHMPGame.exe"="C:\Program Files\Origin Games\Medal of Honor\MP\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"G:\Hry\Call of Juarez The Cartel\CoJ_TheCartel.exe"="G:\Hry\Call of Juarez The Cartel\CoJ_TheCartel.exe:*:Enabled:Call of Juarez®: The Cartel"
"C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe"="C:\Program Files\Steam\steamapps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer"
"C:\Program Files\Origin Games\Battlefield Bad Company 2 Digital Deluxe Edition\BFBC2Game.exe"="C:\Program Files\Origin Games\Battlefield Bad Company 2 Digital Deluxe Edition\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"G:\Hry\Dead Island\deadislandgame.exe"="G:\Hry\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland"
"G:\Hry\PES 2012\pes2012.exe"="G:\Hry\PES 2012\pes2012.exe:*:Enabled:Pro Evolution Soccer 2012"
"G:\Hry\FIFA 12\Game\fifa.exe"="G:\Hry\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Hry\Saints Row The Third\saintsrowthethird.exe"="G:\Hry\Saints Row The Third\saintsrowthethird.exe:*:Enabled:Saints Row: the Third"
"G:\Hry\Virtua Tennis 4\VT4.exe"="G:\Hry\Virtua Tennis 4\VT4.exe:*:Enabled:Virtua Tennis 4™"
"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe"="C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe:*:Enabled:Blizzard Agent"
"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.868\Agent.exe"="C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.868\Agent.exe:*:Enabled:Blizzard Agent"
"G:\Hry\Diablo 3 beta\Diablo III Beta\Diablo III.exe"="G:\Hry\Diablo 3 beta\Diablo III Beta\Diablo III.exe:*:Enabled:Diablo III Beta"
"C:\Documents and Settings\sparcosk\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\sparcosk\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Steam\steamapps\common\deus ex - human revolution\dxhr.exe"="C:\Program Files\Steam\steamapps\common\deus ex - human revolution\dxhr.exe:*:Enabled:Deus Ex: Human Revolution"
"E:\HRY\GTA IV PC Version\Grand Theft Auto IV\GTAIV.exe"="E:\HRY\GTA IV PC Version\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Hry\Grand Theft Auto IV\LaunchGTAIV.exe"="G:\Hry\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Hry\Grand Theft Auto IV\GTAIV.exe"="G:\Hry\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Hry\Grand Theft Auto IV\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe"="G:\Hry\Grand Theft Auto IV\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe:*:Enabled:Grand Theft Auto IV - Episodes From Liberty City"
"G:\Hry\Battlefield 1942\BF1942.exe"="G:\Hry\Battlefield 1942\BF1942.exe:*:Enabled:Battlefield 1942™"
"C:\Program Files\Steam\steamapps\common\mafia ii\pc\mafia2.exe"="C:\Program Files\Steam\steamapps\common\mafia ii\pc\mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe"="C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe:*:Enabled:Metro 2033"
"C:\Documents and Settings\sparcosk\Local Settings\temp\EPSON SX235 Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe"="C:\Documents and Settings\sparcosk\Local Settings\temp\EPSON SX235 Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe:*:Enabled:EpsonNet Setup"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"E:\Games\World_of_Warplanes\WorldOfWarplanes.exe"="E:\Games\World_of_Warplanes\WorldOfWarplanes.exe:*:Enabled:World of Warplanes"
"G:\Hry\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe"="G:\Hry\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe:*:Enabled:csgo"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\launcher.exe"="C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\launcher.exe:*:Enabled:Shadow Warrior Classic (1997)"
"C:\Program Files\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe"="C:\Program Files\Steam\steamapps\common\Medal of Honor\Binaries\moh.exe:*:Enabled:Medal of Honor(TM) Single Player"
"C:\Program Files\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe"="C:\Program Files\Steam\steamapps\common\Medal of Honor\MP\mohmpgame.exe:*:Enabled:Medal of Honor(TM) Multiplayer"
"C:\Program Files\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm"="C:\Program Files\Steam\steamapps\common\Medal of Honor\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Medal of Honor(TM) Multiplayer"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Games\World_of_Warplanes\WOWpLauncher.exe"="E:\Games\World_of_Warplanes\WOWpLauncher.exe:*:Enabled:World of Warplanes Launcher"
"C:\Program Files\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\PS3 Media Server\jre\bin\javaw.exe"="C:\Program Files\PS3 Media Server\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe"="G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe:*:Enabled:Sniper Elite V2"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Steam\steamapps\banan222\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\banan222\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe"="G:\Hry\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe:*:Enabled:Sniper Elite V2"
"C:\Program Files\Steam\steamapps\common\Half-Life\hl.exe"="C:\Program Files\Steam\steamapps\common\Half-Life\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\DOSBox.exe"="C:\Program Files\Steam\steamapps\common\Shadow Warrior Original\bin\DOSBox.exe:*:Enabled:Shadow Warrior Classic (1997)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

======File associations======

.reg - open - "regedit.exe" "%1"
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2017-05-27 13:11:56 ----D---- C:\AdwCleaner
2017-05-27 10:10:14 ----SD---- C:\ComboFix
2017-05-27 09:50:33 ----D---- C:\WINDOWS\pss
2017-05-17 20:17:21 ----A---- C:\WINDOWS\system32\javaw.exe
2017-05-17 20:17:21 ----A---- C:\WINDOWS\system32\java.exe
2017-05-17 20:17:21 ----A---- C:\WINDOWS\system32\deploytk.dll
2017-05-14 21:09:09 ----D---- C:\Documents and Settings\All Users\Application Data\Oracle
2017-05-14 20:49:55 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2017-05-27 20:02:20 ----D---- C:\Program Files\Trend Micro
2017-05-27 20:01:25 ----SH---- C:\boot.ini
2017-05-27 20:01:25 ----A---- C:\WINDOWS\win.ini
2017-05-27 20:01:25 ----A---- C:\WINDOWS\system.ini
2017-05-27 19:49:36 ----D---- C:\WINDOWS\temp
2017-05-27 19:47:50 ----SD---- C:\WINDOWS\Tasks
2017-05-27 19:45:13 ----D---- C:\WINDOWS\system32\CatRoot2
2017-05-27 19:43:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2017-05-27 13:19:17 ----D---- C:\Program Files
2017-05-27 10:10:15 ----AD---- C:\Qoobox
2017-05-27 09:57:48 ----D---- C:\Program Files\Steam
2017-05-27 09:50:33 ----D---- C:\WINDOWS
2017-05-27 09:28:47 ----D---- C:\WINDOWS\system32\Macromed
2017-05-26 15:13:38 ----D---- C:\Config.Msi
2017-05-26 15:13:35 ----SHD---- C:\WINDOWS\Installer
2017-05-26 15:13:33 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2017-05-17 20:17:21 ----D---- C:\WINDOWS\system32
2017-05-17 20:17:12 ----A---- C:\WINDOWS\system32\javaws.exe
2017-05-17 20:17:09 ----D---- C:\Program Files\Java
2017-05-17 19:47:26 ----D---- C:\Documents and Settings\sparcosk\Application Data\vlc
2017-05-17 17:53:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-05-14 21:53:06 ----D---- C:\Program Files\Common Files
2017-05-12 20:59:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2008-11-04 83296]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-12-13 243128]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-01-10 161368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2013-01-10 105784]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ntiomin;ntiomin; C:\WINDOWS\system32\drivers\ntiomin.sys [2010-01-03 11392]
R1 ntiopnp;ntiopnp; C:\WINDOWS\system32\drivers\ntiopnp.sys [2010-01-03 12800]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 LycoFltr;Lycosa Keyboard; C:\WINDOWS\System32\Drivers\Lycosa.sys [2008-01-18 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-05-12 10967200]
R3 Razerlow;Diamondback 3G USB Filter Driver; C:\WINDOWS\System32\Drivers\DB3G.sys [2005-04-24 13225]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-01-16 65024]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2014-08-16 45056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 60744]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2006-12-28 122512]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 CPUCooLServer;CPUCooLServer Service; C:\Program Files\CPUCooL\CooLSrv.exe [2010-01-03 118784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-03-21 1341664]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2017-05-17 147456]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-05-12 156960]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-08-18 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2013-08-18 218496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-07 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TVersityMediaServer;TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [2010-01-19 884736]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-27 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-08-15 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-14 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rcp_service;ReaConverter scheduler service; C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe [2007-11-30 558592]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119670
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomaly start PC

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files\Bonjour
C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
"SunJavaUpdateSched"=-

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Proč spouštíte Combofix, utiltu určenou pouze profesionálům? Hodláte si poškodit systém?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“