High physical memory usage from PC startup

Posted: 27 Apr 2014 08:26
by slecna_sy
Hi. I need advice about high physical memory usage, and CPU usage too, right from PC startup.

I recently installed the new Avira, and yesterday I got rid of the Bluestacks program and its Notification Center, which helped a little. I am seeing a problem with games freezing that used to run without problems, even though the PC was not exactly built recently.

Malwarebytes found nothing, and Avira found nothing either.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Simona at 2014-04-27 09:11:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 430 GB (90%) free of 477 GB
Total RAM: 3327 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:11:18, on 27.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Simona\Downloads\RSIT.exe
C:\Program Files\trend micro\Simona.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 6657 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-04-27 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-06 43848]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2014-03-11 689744]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2014-04-02 1081112]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-02 2201032]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-02-21 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-27 09:11:01 ----D---- C:\Program Files\trend micro
2014-04-27 09:11:00 ----D---- C:\rsit
2014-04-27 01:57:39 ----D---- C:\Program Files\CCleaner
2014-04-27 01:31:46 ----D---- C:\Users\Simona\AppData\Roaming\ProductData
2014-04-27 01:31:34 ----D---- C:\ProgramData\IObit
2014-04-27 01:31:33 ----D---- C:\Users\Simona\AppData\Roaming\IObit
2014-04-27 01:31:33 ----D---- C:\ProgramData\ProductData
2014-04-27 01:31:28 ----D---- C:\Program Files\IObit
2014-04-27 01:08:41 ----D---- C:\Users\Simona\AppData\Roaming\NVIDIA
2014-04-27 00:10:05 ----D---- C:\Program Files\Speccy
2014-04-26 23:59:31 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-04-26 23:59:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-04-26 23:59:31 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-26 23:59:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-04-26 22:45:43 ----D---- C:\Users\Simona\AppData\Roaming\Avira
2014-04-26 22:40:36 ----D---- C:\Users\Simona\AppData\Roaming\Apple Computer
2014-04-26 22:40:14 ----D---- C:\Users\Simona\AppData\Roaming\Identities
2014-04-26 22:40:04 ----D---- C:\Users\Simona\AppData\Roaming\Adobe
2014-04-26 22:39:51 ----SD---- C:\Users\Simona\AppData\Roaming\Microsoft
2014-04-26 22:39:51 ----D---- C:\Users\Simona\AppData\Roaming\Media Center Programs
2014-04-26 22:39:51 ----D---- C:\Users\Simona\AppData\Roaming\Macromedia
2014-04-26 15:46:55 ----D---- C:\Program Files\AGEIA Technologies
2014-04-26 15:46:14 ----A---- C:\Windows\system32\nvStreaming.exe
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvopencl.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvoglv32.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\NvIFR.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\NvFBC.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvdispgenco3233523.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvdispco3233523.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvcuvid.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvcuda.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-04-26 15:40:52 ----A---- C:\Windows\system32\nvcompiler.dll
2014-04-26 15:31:29 ----A---- C:\Windows\system32\drivers\nvvad32v.sys
2014-04-25 20:40:28 ----RASH---- C:\MSDOS.SYS
2014-04-25 20:40:28 ----RASH---- C:\IO.SYS
2014-04-25 17:40:27 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-25 17:37:13 ----D---- C:\ProgramData\Malwarebytes
2014-04-25 14:48:40 ----A---- C:\Windows\system32\vbscript.dll
2014-04-25 14:48:39 ----A---- C:\Windows\system32\ieui.dll
2014-04-25 14:48:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-25 14:48:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-25 14:48:34 ----A---- C:\Windows\system32\msrating.dll
2014-04-25 14:48:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-25 14:48:34 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-25 14:48:33 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-25 14:48:32 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-25 14:48:31 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-25 14:48:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-25 14:48:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-25 14:48:30 ----A---- C:\Windows\system32\iesetup.dll
2014-04-25 14:48:30 ----A---- C:\Windows\system32\iernonce.dll
2014-04-25 14:48:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-25 14:48:29 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-25 14:48:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-25 14:48:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-25 14:48:25 ----A---- C:\Windows\system32\iertutil.dll
2014-04-25 14:48:24 ----A---- C:\Windows\system32\wininet.dll
2014-04-25 14:48:24 ----A---- C:\Windows\system32\urlmon.dll
2014-04-25 14:48:17 ----A---- C:\Windows\system32\ieframe.dll
2014-04-25 14:48:16 ----A---- C:\Windows\system32\mshtml.dll
2014-04-25 14:48:16 ----A---- C:\Windows\system32\jscript9.dll
2014-04-23 17:29:23 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-04-20 14:57:21 ----D---- C:\ProgramData\MediaMonkey
2014-04-20 14:50:55 ----D---- C:\ProgramData\Ashampoo
2014-04-09 14:03:57 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 14:03:57 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 14:03:57 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 14:03:57 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 14:03:55 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 14:03:55 ----A---- C:\Windows\system32\drivers\ntfs.sys

======List of files/folders modified in the last 1 month======

2014-04-27 09:11:04 ----D---- C:\Windows\Temp
2014-04-27 09:11:01 ----RD---- C:\Program Files
2014-04-27 09:10:04 ----D---- C:\Windows\system32\config
2014-04-27 08:58:40 ----D---- C:\Windows\inf
2014-04-27 08:56:54 ----D---- C:\Windows
2014-04-27 08:56:54 ----D---- C:\ProgramData\NVIDIA
2014-04-27 03:00:32 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2014-04-27 02:58:20 ----D---- C:\Windows\Prefetch
2014-04-27 02:49:04 ----D---- C:\Windows\Microsoft.NET
2014-04-27 02:49:03 ----RSD---- C:\Windows\assembly
2014-04-27 01:59:40 ----D---- C:\Windows\Panther
2014-04-27 01:59:39 ----D---- C:\Windows\Logs
2014-04-27 01:59:39 ----D---- C:\Windows\debug
2014-04-27 01:57:41 ----D---- C:\Windows\system32\Tasks
2014-04-27 01:42:51 ----SHD---- C:\System Volume Information
2014-04-27 01:34:17 ----SHD---- C:\Windows\Installer
2014-04-27 01:31:34 ----HD---- C:\ProgramData
2014-04-27 01:23:49 ----D---- C:\ProgramData\BlueStacksSetup
2014-04-27 01:16:13 ----D---- C:\ProgramData\BlueStacks
2014-04-27 00:40:57 ----D---- C:\Windows\system32\catroot2
2014-04-26 23:59:31 ----D---- C:\Windows\system32\drivers
2014-04-26 23:19:17 ----SHD---- C:\$Recycle.Bin
2014-04-26 23:19:08 ----RD---- C:\Users
2014-04-26 22:55:21 ----D---- C:\Windows\System32
2014-04-26 20:43:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-26 15:46:55 ----D---- C:\Program Files\NVIDIA Corporation
2014-04-26 15:46:09 ----D---- C:\Windows\system32\catroot
2014-04-26 15:46:08 ----D---- C:\Windows\system32\DriverStore
2014-04-26 15:32:11 ----D---- C:\ProgramData\NVIDIA Corporation
2014-04-26 14:47:55 ----D---- C:\Windows\rescache
2014-04-25 20:43:27 ----D---- C:\Program Files\Common Files\Apple
2014-04-25 20:43:01 ----D---- C:\Windows\winsxs
2014-04-25 20:37:17 ----HD---- C:\Program Files\InstallShield Installation Information
2014-04-25 20:37:17 ----D---- C:\Program Files\Electronic Arts
2014-04-25 20:34:07 ----RSD---- C:\Windows\Fonts
2014-04-25 20:32:45 ----D---- C:\Program Files\Common Files
2014-04-25 20:24:37 ----D---- C:\Program Files\Google
2014-04-25 18:41:48 ----D---- C:\Windows\Minidump
2014-04-25 15:02:28 ----D---- C:\Windows\system32\en-US
2014-04-25 15:02:28 ----D---- C:\Windows\system32\cs-CZ
2014-04-25 15:02:28 ----D---- C:\Windows\PolicyDefinitions
2014-04-25 15:02:27 ----D---- C:\Program Files\Internet Explorer
2014-04-25 15:01:05 ----D---- C:\Program Files\Opera
2014-04-23 10:49:23 ----D---- C:\Windows\system32\NDF
2014-04-10 00:44:21 ----D---- C:\Windows\system32\MRT
2014-04-10 00:42:27 ----A---- C:\Windows\system32\MRT.exe
2014-04-02 15:27:17 ----A---- C:\Windows\system32\nvspcap.dll
2014-03-31 09:35:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-18 135648]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-01 37352]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-18 90400]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-04-03 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-04-27 107736]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-04-03 51416]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-03-21 34080]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 AIRPLUS;D-Link AirPlus Wireless Adapter; C:\Windows\system32\DRIVERS\airplus.sys [2003-06-05 155776]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2012-07-28 904192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2014-03-11 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1615192]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-02 19405768]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 663896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-04 136176]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-04-27 2153792]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-04 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-03 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 08:39
by Márty84
Hello :)

Start Task Manager and tell me which process is loading the memory and the processor the most.

Uninstall everything from IObit. It can do more harm than good.

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 09:00
by slecna_sy
So I uninstalled IObit. It lasted a few hours on the PC :)
The PC still runs on 32-bit, and I don't use the Aero environment.
Besides mbam.exe, mbamservice.exe and avguard.exe, it is csrss.exe and schvost.exe, but I know those are from MS and the path leads to System32, as it apparently should.

I had already used AdwCleaner before uninstalling IObit. Then I ran it once more.


# AdwCleaner v3.204 - Report created 27/04/2014 at 09:29:51
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Simona - PAVEL-PC
# Running from : C:\Users\Simona\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1470 octets] - [27/04/2014 09:28:46]
AdwCleaner[S0].txt - [1405 octets] - [27/04/2014 09:29:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1465 octets] ##########



and

# AdwCleaner v3.204 - Report created 27/04/2014 at 09:51:19
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Simona - PAVEL-PC
# Running from : C:\Users\Simona\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Simi\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1470 octets] - [27/04/2014 09:28:46]
AdwCleaner[R1].txt - [972 octets] - [27/04/2014 09:50:46]
AdwCleaner[S0].txt - [1545 octets] - [27/04/2014 09:29:51]
AdwCleaner[S1].txt - [894 octets] - [27/04/2014 09:51:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [953 octets] ##########

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 09:08
by Márty84
Uninstall MBAM; if it found nothing, it is no longer needed there.


Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop, right-click it and left-click Run as administrator.
A very short test will run, and then the Scan (Prohledat) button at the top right will become available. Click it and another test will run.
When it finishes, click the Report (Zprava) label and a log will appear. Paste it here for me.

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 09:12
by slecna_sy
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Simona [Práva správce]
Mód : Kontrola -- Datum : 04/27/2014 10:12:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[84] : NtCreateSection @ 0x82C3013D -> HOOKED (Unknown @ 0x90EE8E2E)
[Address] SSDT[299] : NtRequestWaitReplyPort @ 0x82C4AB22 -> HOOKED (Unknown @ 0x90EE8E38)
[Address] SSDT[316] : NtSetContextThread @ 0x82CEA84F -> HOOKED (Unknown @ 0x90EE8E33)
[Address] SSDT[347] : NtSetSecurityObject @ 0x82C0E805 -> HOOKED (Unknown @ 0x90EE8E3D)
[Address] SSDT[368] : NtSystemDebugControl @ 0x82C92802 -> HOOKED (Unknown @ 0x90EE8E42)
[Address] SSDT[370] : NtTerminateProcess @ 0x82C67D9A -> HOOKED (Unknown @ 0x90EE8DCF)
[Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x90EE8E56)
[Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x90EE8E5B)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts



0.0.0.0 mpa.one.microsoft.com genuine.microsoft.com sls.microsoft.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AACS-00ZUB0 ATA Device +++++
--- User ---
[MBR] 0c14e411259148bc8ae8b5cd2697699b
[BSP] e3f20918253f691e85761351f386300f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) -Pretec 16GB USB Device +++++
--- User ---
[MBR] 09ce6b0e9ca43a6b4ca3fce590fb1985
[BSP] 0e18d9f1c319c6e81b21f65ba5c94b3d : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 234840425 | Size: 994568 MB
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1376390655 | Size: 798350 MB
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1802725748 | Size: 877581 MB
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): -1409286144 | Size: 26 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_04272014_101209.txt >>

Re: High physical memory usage since PC startup

Posted: 27 Apr 2014 09:14
by Márty84
Run RogueKiller again as administrator (if you haven't closed it yet, click Smazat (Delete) right away).
A short test will run, and then the Prohledat (Scan) button at the top right becomes available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Host) and then Zprava (Report).
Another log will appear. Paste that one here as well.

Re: High physical memory usage since PC startup

Posted: 27 Apr 2014 09:20
by slecna_sy
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Simona [Práva správce]
Mód : Odebrat -- Datum : 04/27/2014 10:19:29
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[84] : NtCreateSection @ 0x82C3013D -> HOOKED (Unknown @ 0x90EE8E2E)
[Address] SSDT[299] : NtRequestWaitReplyPort @ 0x82C4AB22 -> HOOKED (Unknown @ 0x90EE8E38)
[Address] SSDT[316] : NtSetContextThread @ 0x82CEA84F -> HOOKED (Unknown @ 0x90EE8E33)
[Address] SSDT[347] : NtSetSecurityObject @ 0x82C0E805 -> HOOKED (Unknown @ 0x90EE8E3D)
[Address] SSDT[368] : NtSystemDebugControl @ 0x82C92802 -> HOOKED (Unknown @ 0x90EE8E42)
[Address] SSDT[370] : NtTerminateProcess @ 0x82C67D9A -> HOOKED (Unknown @ 0x90EE8DCF)
[Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x90EE8E56)
[Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x90EE8E5B)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x73D7DD99)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts



0.0.0.0 mpa.one.microsoft.com genuine.microsoft.com sls.microsoft.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AACS-00ZUB0 ATA Device +++++
--- User ---
[MBR] 0c14e411259148bc8ae8b5cd2697699b
[BSP] e3f20918253f691e85761351f386300f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) -Pretec 16GB USB Device +++++
--- User ---
[MBR] 09ce6b0e9ca43a6b4ca3fce590fb1985
[BSP] 0e18d9f1c319c6e81b21f65ba5c94b3d : MBR Code unknown
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 234840425 | Size: 994568 MB
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1376390655 | Size: 798350 MB
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1802725748 | Size: 877581 MB
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): -1409286144 | Size: 26 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_04272014_101929.txt >>
RKreport[0]_D_04272014_101706.txt;RKreport[0]_S_04272014_101209.txt;RKreport[0]_S_04272014_101909.txt

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 09:21
by slecna_sy
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Simona [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/27/2014 10:20:37
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts



0.0.0.0 mpa.one.microsoft.com genuine.microsoft.com sls.microsoft.com


¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončeno : << RKreport[0]_H_04272014_102037.txt >>
RKreport[0]_D_04272014_101706.txt;RKreport[0]_D_04272014_101929.txt;RKreport[0]_S_04272014_101209.txt
RKreport[0]_S_04272014_101909.txt

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 09:26
by Márty84
:!: If you have not done so already, back up your important data (photos, documents, etc.) to be safe :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
While the scan is running, do not launch anything and do not click anywhere.
When the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 09:55
by slecna_sy
ComboFix 14-04-26.01 - Simona 27.04.2014 10:45:10.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3327.2427 [GMT 2:00]
Spuštěný z: c:\users\Simona\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-27 do 2014-04-27 )))))))))))))))))))))))))))))))
.
.
2014-04-27 08:50 . 2014-04-27 08:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-27 08:15 . 2014-04-27 08:15 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{58DCB83B-5FA2-449A-97AF-90BFB0FF3EDB}\offreg.dll
2014-04-27 07:29 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-04-27 07:28 . 2014-04-27 07:51 -------- d-----w- C:\AdwCleaner
2014-04-27 07:11 . 2014-04-27 08:02 -------- d-----w- c:\program files\trend micro
2014-04-27 07:11 . 2014-04-27 07:11 -------- d-----w- C:\rsit
2014-04-26 23:57 . 2014-04-26 23:57 -------- d-----w- c:\program files\CCleaner
2014-04-26 23:31 . 2014-04-26 23:42 -------- d-----w- c:\programdata\IObit
2014-04-26 23:31 . 2014-04-26 23:31 -------- d-----w- c:\programdata\ProductData
2014-04-26 23:31 . 2014-04-26 23:31 -------- d-----w- c:\program files\IObit
2014-04-26 22:10 . 2014-04-26 22:10 -------- d-----w- c:\program files\Speccy
2014-04-26 21:19 . 2014-04-26 21:19 -------- d-----w- c:\users\Simi
2014-04-26 20:39 . 2014-04-26 20:40 -------- d-----w- c:\users\Simona
2014-04-26 13:46 . 2014-04-26 13:46 -------- d-----w- c:\program files\AGEIA Technologies
2014-04-26 13:46 . 2014-03-04 11:32 599840 ----a-w- c:\windows\system32\nvStreaming.exe
2014-04-26 13:40 . 2014-03-04 14:29 9728064 ----a-w- c:\windows\system32\nvcuda.dll
2014-04-26 13:40 . 2014-03-04 14:29 9690424 ----a-w- c:\windows\system32\nvopencl.dll
2014-04-26 13:40 . 2014-03-04 14:29 894296 ----a-w- c:\windows\system32\nvdispgenco3233523.dll
2014-04-26 13:40 . 2014-03-04 14:29 865224 ----a-w- c:\windows\system32\NvIFR.dll
2014-04-26 13:40 . 2014-03-04 14:29 847136 ----a-w- c:\windows\system32\NvFBC.dll
2014-04-26 13:40 . 2014-03-04 14:29 2956632 ----a-w- c:\windows\system32\nvcuvid.dll
2014-04-26 13:40 . 2014-03-04 14:29 2411976 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-04-26 13:40 . 2014-03-04 14:29 23716640 ----a-w- c:\windows\system32\nvoglv32.dll
2014-04-26 13:40 . 2014-03-04 14:29 10523480 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-04-26 13:40 . 2014-03-04 14:29 1049888 ----a-w- c:\windows\system32\nvdispco3233523.dll
2014-04-26 13:40 . 2014-03-04 14:29 17559384 ----a-w- c:\windows\system32\nvcompiler.dll
2014-04-26 13:31 . 2014-03-21 19:43 34080 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2014-04-25 15:40 . 2014-04-27 07:54 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-25 15:37 . 2014-04-25 15:37 -------- d-----w- c:\programdata\Malwarebytes
2014-04-25 12:52 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{58DCB83B-5FA2-449A-97AF-90BFB0FF3EDB}\mpengine.dll
2014-04-23 15:29 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-04-20 12:57 . 2014-04-20 12:57 -------- d-----w- c:\programdata\MediaMonkey
2014-04-20 12:50 . 2014-04-20 12:50 -------- d-----w- c:\programdata\Ashampoo
2014-04-09 12:03 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 12:03 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 12:03 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 12:03 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 12:03 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-02 13:27 . 2014-01-13 09:44 1081112 ----a-w- c:\windows\system32\nvspcap.dll
2014-03-31 07:35 . 2012-08-03 05:37 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-21 19:43 . 2014-01-13 09:32 33568 ----a-w- c:\windows\system32\nvaudcap32v.dll
2014-03-12 13:20 . 2012-08-03 05:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 13:20 . 2012-08-03 05:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-04 14:29 . 2013-02-25 22:22 2715264 ----a-w- c:\windows\system32\nvapi.dll
2014-03-04 14:29 . 2013-02-25 22:22 15783992 ----a-w- c:\windows\system32\nvwgf2um.dll
2014-03-04 14:29 . 2013-02-25 22:22 14709720 ----a-w- c:\windows\system32\nvd3dum.dll
2014-03-04 12:34 . 2012-11-18 23:16 4348704 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 12:34 . 2012-11-18 23:16 3044696 ----a-w- c:\windows\system32\nvsvc.dll
2014-03-04 12:34 . 2012-11-18 23:16 663896 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 12:34 . 2012-11-18 23:16 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 12:34 . 2012-11-18 23:16 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 12:34 . 2012-11-18 23:16 375128 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-07 01:07 . 2014-03-12 12:22 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 12:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 12:22 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 12:22 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 12:22 185344 ----a-w- c:\windows\system32\wwansvc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-03-11 689744]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-04-02 1081112]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-2-6 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2014-04-26 2153792]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2012-07-28 904192]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-04-27 107736]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-03 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-01 37352]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1615192]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-02 19405768]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-21 34080]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 13:34 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 13:20]
.
2014-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-04 07:36]
.
2014-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-04 07:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-04-27 10:55:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-27 08:54
.
Před spuštěním: Volných bajtů: 453 906 427 904
Po spuštění: Volných bajtů: 453 688 115 200
.
- - End Of File - - 5C36224B4C69D347ED2B7A95108F3FFC
A36C5E4F47E84449FF07ED3517B43A31

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 10:11
by Márty84
:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Folder::
c:\programdata\IObit
c:\program files\IObit

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"Adobe ARM"=-
"ShadowPlay"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
LiveUpdateSvc
SkypeUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the red name CFScript correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document over the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: High physical memory usage from PC startup

Posted: 27 Apr 2014 10:26
by slecna_sy
ComboFix 14-04-26.01 - Simona 27.04.2014 11:15:54.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3327.2213 [GMT 2:00]
Spuštěný z: c:\users\Simona\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Simona\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\IObit Uninstaller\LiveUpdate.log
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\ProductUpt.log
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\update.spt
c:\programdata\IObit
c:\programdata\IObit\ASCDownloader\Downloader.log
c:\programdata\IObit\Install.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_LiveUpdateSvc
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-27 do 2014-04-27 )))))))))))))))))))))))))))))))
.
.
2014-04-27 09:20 . 2014-04-27 09:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-27 08:15 . 2014-04-27 08:15 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{58DCB83B-5FA2-449A-97AF-90BFB0FF3EDB}\offreg.dll
2014-04-27 07:29 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-04-27 07:28 . 2014-04-27 07:51 -------- d-----w- C:\AdwCleaner
2014-04-27 07:11 . 2014-04-27 08:02 -------- d-----w- c:\program files\trend micro
2014-04-27 07:11 . 2014-04-27 07:11 -------- d-----w- C:\rsit
2014-04-26 23:57 . 2014-04-26 23:57 -------- d-----w- c:\program files\CCleaner
2014-04-26 23:31 . 2014-04-26 23:31 -------- d-----w- c:\programdata\ProductData
2014-04-26 22:10 . 2014-04-26 22:10 -------- d-----w- c:\program files\Speccy
2014-04-26 21:19 . 2014-04-26 21:19 -------- d-----w- c:\users\Simi
2014-04-26 20:39 . 2014-04-26 20:40 -------- d-----w- c:\users\Simona
2014-04-26 13:46 . 2014-04-26 13:46 -------- d-----w- c:\program files\AGEIA Technologies
2014-04-26 13:46 . 2014-03-04 11:32 599840 ----a-w- c:\windows\system32\nvStreaming.exe
2014-04-26 13:40 . 2014-03-04 14:29 9728064 ----a-w- c:\windows\system32\nvcuda.dll
2014-04-26 13:40 . 2014-03-04 14:29 9690424 ----a-w- c:\windows\system32\nvopencl.dll
2014-04-26 13:40 . 2014-03-04 14:29 894296 ----a-w- c:\windows\system32\nvdispgenco3233523.dll
2014-04-26 13:40 . 2014-03-04 14:29 865224 ----a-w- c:\windows\system32\NvIFR.dll
2014-04-26 13:40 . 2014-03-04 14:29 847136 ----a-w- c:\windows\system32\NvFBC.dll
2014-04-26 13:40 . 2014-03-04 14:29 2956632 ----a-w- c:\windows\system32\nvcuvid.dll
2014-04-26 13:40 . 2014-03-04 14:29 2411976 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-04-26 13:40 . 2014-03-04 14:29 23716640 ----a-w- c:\windows\system32\nvoglv32.dll
2014-04-26 13:40 . 2014-03-04 14:29 10523480 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-04-26 13:40 . 2014-03-04 14:29 1049888 ----a-w- c:\windows\system32\nvdispco3233523.dll
2014-04-26 13:40 . 2014-03-04 14:29 17559384 ----a-w- c:\windows\system32\nvcompiler.dll
2014-04-26 13:31 . 2014-03-21 19:43 34080 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2014-04-25 15:40 . 2014-04-27 07:54 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-25 15:37 . 2014-04-25 15:37 -------- d-----w- c:\programdata\Malwarebytes
2014-04-25 12:52 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{58DCB83B-5FA2-449A-97AF-90BFB0FF3EDB}\mpengine.dll
2014-04-23 15:29 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-04-20 12:57 . 2014-04-20 12:57 -------- d-----w- c:\programdata\MediaMonkey
2014-04-20 12:50 . 2014-04-20 12:50 -------- d-----w- c:\programdata\Ashampoo
2014-04-09 12:03 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 12:03 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 12:03 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 12:03 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 12:03 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-02 13:27 . 2014-01-13 09:44 1081112 ----a-w- c:\windows\system32\nvspcap.dll
2014-03-31 07:35 . 2012-08-03 05:37 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-21 19:43 . 2014-01-13 09:32 33568 ----a-w- c:\windows\system32\nvaudcap32v.dll
2014-03-12 13:20 . 2012-08-03 05:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 13:20 . 2012-08-03 05:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-04 14:29 . 2013-02-25 22:22 2715264 ----a-w- c:\windows\system32\nvapi.dll
2014-03-04 14:29 . 2013-02-25 22:22 15783992 ----a-w- c:\windows\system32\nvwgf2um.dll
2014-03-04 14:29 . 2013-02-25 22:22 14709720 ----a-w- c:\windows\system32\nvd3dum.dll
2014-03-04 12:34 . 2012-11-18 23:16 4348704 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 12:34 . 2012-11-18 23:16 3044696 ----a-w- c:\windows\system32\nvsvc.dll
2014-03-04 12:34 . 2012-11-18 23:16 663896 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 12:34 . 2012-11-18 23:16 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 12:34 . 2012-11-18 23:16 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 12:34 . 2012-11-18 23:16 375128 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-07 01:07 . 2014-03-12 12:22 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 12:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 12:22 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 12:22 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 12:22 185344 ----a-w- c:\windows\system32\wwansvc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-03-11 689744]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-2-6 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2012-07-28 904192]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-04-27 107736]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-03 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-01 37352]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1615192]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-02 19405768]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-21 34080]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 13:34 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 13:20]
.
2014-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-04 07:36]
.
2014-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-04 07:36]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2284)
c:\windows\System32\bthprops.cpl
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-04-27 11:25:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-27 09:25
ComboFix2.txt 2014-04-27 08:55
.
Před spuštěním: Volných bajtů: 453 723 914 240
Po spuštění: Volných bajtů: 453 205 905 408
.
- - End Of File - - 1B0A96C663ED2BA3CE4E5A9EF0ADF986
A36C5E4F47E84449FF07ED3517B43A31

Re: High physical memory usage since PC startup

Posted: 27 Apr 2014 10:33
by Márty84
Post a new log from RSIT.

Re: High physical memory usage since PC startup

Posted: 27 Apr 2014 10:34
by slecna_sy
Logfile of random's system information tool 1.09 (written by random/random)
Run by Simona at 2014-04-27 11:34:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 432 GB (91%) free of 477 GB
Total RAM: 3327 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:34:08, on 27.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Simona\Downloads\RSIT.exe
C:\Program Files\trend micro\Simona.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 4715 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-06 43848]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2014-03-11 689744]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-02 2201032]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-02-21 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-27 11:25:54 ----D---- C:\Windows\temp
2014-04-27 11:25:53 ----A---- C:\ComboFix.txt
2014-04-27 11:23:24 ----SHD---- C:\$RECYCLE.BIN
2014-04-27 10:44:06 ----A---- C:\Windows\zip.exe
2014-04-27 10:44:06 ----A---- C:\Windows\SWSC.exe
2014-04-27 10:44:06 ----A---- C:\Windows\SWREG.exe
2014-04-27 10:44:06 ----A---- C:\Windows\sed.exe
2014-04-27 10:44:06 ----A---- C:\Windows\PEV.exe
2014-04-27 10:44:06 ----A---- C:\Windows\NIRCMD.exe
2014-04-27 10:44:06 ----A---- C:\Windows\MBR.exe
2014-04-27 10:44:06 ----A---- C:\Windows\grep.exe
2014-04-27 10:43:55 ----D---- C:\Qoobox
2014-04-27 10:43:45 ----D---- C:\Windows\erdnt
2014-04-27 09:29:04 ----A---- C:\Windows\system32\sqlite3.dll
2014-04-27 09:28:42 ----D---- C:\AdwCleaner
2014-04-27 09:11:01 ----D---- C:\Program Files\trend micro
2014-04-27 09:11:00 ----D---- C:\rsit
2014-04-27 01:57:39 ----D---- C:\Program Files\CCleaner
2014-04-27 01:31:46 ----D---- C:\Users\Simona\AppData\Roaming\ProductData
2014-04-27 01:31:33 ----D---- C:\Users\Simona\AppData\Roaming\IObit
2014-04-27 01:31:33 ----D---- C:\ProgramData\ProductData
2014-04-27 01:08:41 ----D---- C:\Users\Simona\AppData\Roaming\NVIDIA
2014-04-27 00:10:05 ----D---- C:\Program Files\Speccy
2014-04-26 22:45:43 ----D---- C:\Users\Simona\AppData\Roaming\Avira
2014-04-26 22:40:36 ----D---- C:\Users\Simona\AppData\Roaming\Apple Computer
2014-04-26 22:40:14 ----D---- C:\Users\Simona\AppData\Roaming\Identities
2014-04-26 22:40:04 ----D---- C:\Users\Simona\AppData\Roaming\Adobe
2014-04-26 22:39:51 ----SD---- C:\Users\Simona\AppData\Roaming\Microsoft
2014-04-26 22:39:51 ----D---- C:\Users\Simona\AppData\Roaming\Media Center Programs
2014-04-26 22:39:51 ----D---- C:\Users\Simona\AppData\Roaming\Macromedia
2014-04-26 15:46:55 ----D---- C:\Program Files\AGEIA Technologies
2014-04-26 15:46:14 ----A---- C:\Windows\system32\nvStreaming.exe
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvopencl.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvoglv32.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\NvIFR.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\NvFBC.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvdispgenco3233523.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvdispco3233523.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvcuvid.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\nvcuda.dll
2014-04-26 15:40:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-04-26 15:40:52 ----A---- C:\Windows\system32\nvcompiler.dll
2014-04-26 15:31:29 ----A---- C:\Windows\system32\drivers\nvvad32v.sys
2014-04-25 20:40:28 ----RASH---- C:\MSDOS.SYS
2014-04-25 20:40:28 ----RASH---- C:\IO.SYS
2014-04-25 17:40:27 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-25 17:37:13 ----D---- C:\ProgramData\Malwarebytes
2014-04-25 14:48:40 ----A---- C:\Windows\system32\vbscript.dll
2014-04-25 14:48:39 ----A---- C:\Windows\system32\ieui.dll
2014-04-25 14:48:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-25 14:48:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-25 14:48:34 ----A---- C:\Windows\system32\msrating.dll
2014-04-25 14:48:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-25 14:48:34 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-25 14:48:33 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-25 14:48:32 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-25 14:48:31 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-25 14:48:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-25 14:48:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-25 14:48:30 ----A---- C:\Windows\system32\iesetup.dll
2014-04-25 14:48:30 ----A---- C:\Windows\system32\iernonce.dll
2014-04-25 14:48:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-25 14:48:29 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-25 14:48:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-25 14:48:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-25 14:48:25 ----A---- C:\Windows\system32\iertutil.dll
2014-04-25 14:48:24 ----A---- C:\Windows\system32\wininet.dll
2014-04-25 14:48:24 ----A---- C:\Windows\system32\urlmon.dll
2014-04-25 14:48:17 ----A---- C:\Windows\system32\ieframe.dll
2014-04-25 14:48:16 ----A---- C:\Windows\system32\mshtml.dll
2014-04-25 14:48:16 ----A---- C:\Windows\system32\jscript9.dll
2014-04-23 17:29:23 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-04-20 14:57:21 ----D---- C:\ProgramData\MediaMonkey
2014-04-20 14:50:55 ----D---- C:\ProgramData\Ashampoo
2014-04-09 14:03:57 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 14:03:57 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 14:03:57 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 14:03:57 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 14:03:55 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 14:03:55 ----A---- C:\Windows\system32\drivers\ntfs.sys

======List of files/folders modified in the last 1 month======

2014-04-27 11:25:55 ----D---- C:\Windows\system32\drivers
2014-04-27 11:25:54 ----D---- C:\Windows
2014-04-27 11:23:22 ----A---- C:\Windows\system.ini
2014-04-27 11:22:04 ----D---- C:\ProgramData\NVIDIA
2014-04-27 11:20:21 ----RD---- C:\Program Files
2014-04-27 11:20:21 ----D---- C:\ProgramData
2014-04-27 11:18:07 ----D---- C:\Windows\System32
2014-04-27 11:18:07 ----D---- C:\Windows\AppPatch
2014-04-27 11:18:06 ----D---- C:\Program Files\Common Files
2014-04-27 10:50:06 ----D---- C:\Windows\system32\drivers\etc
2014-04-27 10:06:51 ----D---- C:\Windows\system32\config
2014-04-27 09:44:51 ----D---- C:\Windows\system32\Tasks
2014-04-27 08:58:40 ----D---- C:\Windows\inf
2014-04-27 03:00:32 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2014-04-27 02:58:20 ----D---- C:\Windows\Prefetch
2014-04-27 02:49:04 ----D---- C:\Windows\Microsoft.NET
2014-04-27 02:49:03 ----RSD---- C:\Windows\assembly
2014-04-27 01:59:40 ----D---- C:\Windows\Panther
2014-04-27 01:59:39 ----D---- C:\Windows\Logs
2014-04-27 01:59:39 ----D---- C:\Windows\debug
2014-04-27 01:42:51 ----SHD---- C:\System Volume Information
2014-04-27 01:34:17 ----SHD---- C:\Windows\Installer
2014-04-27 01:23:49 ----D---- C:\ProgramData\BlueStacksSetup
2014-04-27 01:16:13 ----D---- C:\ProgramData\BlueStacks
2014-04-27 00:40:57 ----D---- C:\Windows\system32\catroot2
2014-04-26 23:19:08 ----RD---- C:\Users
2014-04-26 20:43:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-26 15:46:55 ----D---- C:\Program Files\NVIDIA Corporation
2014-04-26 15:46:09 ----D---- C:\Windows\system32\catroot
2014-04-26 15:46:08 ----D---- C:\Windows\system32\DriverStore
2014-04-26 15:32:11 ----D---- C:\ProgramData\NVIDIA Corporation
2014-04-26 14:47:55 ----D---- C:\Windows\rescache
2014-04-25 20:43:27 ----D---- C:\Program Files\Common Files\Apple
2014-04-25 20:43:01 ----D---- C:\Windows\winsxs
2014-04-25 20:37:17 ----HD---- C:\Program Files\InstallShield Installation Information
2014-04-25 20:37:17 ----D---- C:\Program Files\Electronic Arts
2014-04-25 20:34:07 ----RSD---- C:\Windows\Fonts
2014-04-25 20:24:37 ----D---- C:\Program Files\Google
2014-04-25 18:41:48 ----D---- C:\Windows\Minidump
2014-04-25 15:02:28 ----D---- C:\Windows\system32\en-US
2014-04-25 15:02:28 ----D---- C:\Windows\system32\cs-CZ
2014-04-25 15:02:28 ----D---- C:\Windows\PolicyDefinitions
2014-04-25 15:02:27 ----D---- C:\Program Files\Internet Explorer
2014-04-25 15:01:05 ----D---- C:\Program Files\Opera
2014-04-23 10:49:23 ----D---- C:\Windows\system32\NDF
2014-04-10 00:44:21 ----D---- C:\Windows\system32\MRT
2014-04-10 00:42:27 ----A---- C:\Windows\system32\MRT.exe
2014-04-02 15:27:17 ----A---- C:\Windows\system32\nvspcap.dll
2014-03-31 09:35:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-18 135648]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-01 37352]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-18 90400]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-03-21 34080]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 AIRPLUS;D-Link AirPlus Wireless Adapter; C:\Windows\system32\DRIVERS\airplus.sys [2003-06-05 155776]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2012-07-28 904192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-04-27 107736]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2014-03-11 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-02 1615192]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-02 19405768]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 663896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-04 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-04 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 553288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-03 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: High physical memory usage since PC startup

Posted: 27 Apr 2014 10:37
by Márty84
One more scan and then we'll start deleting.

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Select the items (tick their check boxes) Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan.
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both of them here (if they are long, split them across several posts).