Prosím o kontrolu

[Rubec]

Prosím o preventivní kontrolu, dnes se mi začal zasekávat Google chrome a s ním i trochu PC. Po vypnutí chromu se už nechce zapnout. Zkoušel jsem restart pc, reinstalaci chromu a všechno co znám, ale nepomáhá... asi tam bude nějakej hnus, co dělá neplechu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Rubec at 2014-05-24 20:17:34
Microsoft Windows 7 Home Premium
System drive C: has 359 GB (51%) free of 701 GB
Total RAM: 8136 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:39, on 24.5.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Rubec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-270100528-1877774927-3815561456-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-270100528-1877774927-3815561456-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9456 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 24751712
\??\C:\windows\system32\conhost.exe
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 624
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5428.0.2118393933\840217158" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2342 --ignored=" --type=renderer " /prefetch:822062411
taskeng.exe {770CD723-8CFA-415F-85DB-745C94169D40}
C:\windows\system32\msiexec.exe /V
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Rubec\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Rubec\AppData\Roaming\Mozilla\Firefox\Profiles\b5el81x0.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-07 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-07 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-30 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-30 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-30 418840]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-18 11779176]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1933584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2531624]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2013-11-05 789920]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-11-05 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-11-05 5908928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2014-04-01 399224]
"PeerBlock"=C:\Program Files\PeerBlock\peerblock.exe [2014-01-14 2513992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-07 3873704]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-26 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-24 20:17:34 ----D---- C:\rsit
2014-05-24 20:17:34 ----D---- C:\Program Files\trend micro
2014-05-24 20:11:19 ----D---- C:\Program Files (x86)\Google
2014-05-24 19:19:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-12 10:37:41 ----D---- C:\ProgramData\PopCap Games
2014-05-12 10:37:39 ----D---- C:\ProgramData\EA Core
2014-05-12 10:37:38 ----D---- C:\ProgramData\EA Logs
2014-05-12 10:37:29 ----A---- C:\windows\SYSWOW64\XAudio2_7.dll
2014-05-12 10:37:29 ----A---- C:\windows\SYSWOW64\XAPOFX1_5.dll
2014-05-12 10:37:29 ----A---- C:\windows\system32\XAudio2_7.dll
2014-05-12 10:37:29 ----A---- C:\windows\system32\XAPOFX1_5.dll
2014-05-12 10:37:28 ----A---- C:\windows\SYSWOW64\xactengine3_7.dll
2014-05-12 10:37:28 ----A---- C:\windows\system32\xactengine3_7.dll
2014-05-12 10:37:26 ----A---- C:\windows\SYSWOW64\d3dcsx_43.dll
2014-05-12 10:37:26 ----A---- C:\windows\SYSWOW64\D3DCompiler_43.dll
2014-05-12 10:37:26 ----A---- C:\windows\system32\d3dcsx_43.dll
2014-05-12 10:37:26 ----A---- C:\windows\system32\D3DCompiler_43.dll
2014-05-12 10:37:25 ----A---- C:\windows\SYSWOW64\d3dx11_43.dll
2014-05-12 10:37:25 ----A---- C:\windows\SYSWOW64\d3dx10_43.dll
2014-05-12 10:37:25 ----A---- C:\windows\system32\d3dx11_43.dll
2014-05-12 10:37:25 ----A---- C:\windows\system32\d3dx10_43.dll
2014-05-12 10:37:24 ----A---- C:\windows\SYSWOW64\D3DX9_43.dll
2014-05-12 10:37:24 ----A---- C:\windows\system32\D3DX9_43.dll
2014-05-12 10:37:23 ----A---- C:\windows\SYSWOW64\XAudio2_6.dll
2014-05-12 10:37:23 ----A---- C:\windows\SYSWOW64\XAPOFX1_4.dll
2014-05-12 10:37:23 ----A---- C:\windows\system32\XAudio2_6.dll
2014-05-12 10:37:23 ----A---- C:\windows\system32\XAPOFX1_4.dll
2014-05-12 10:37:16 ----A---- C:\windows\SYSWOW64\xactengine3_6.dll
2014-05-12 10:37:16 ----A---- C:\windows\SYSWOW64\X3DAudio1_7.dll
2014-05-12 10:37:16 ----A---- C:\windows\system32\xactengine3_6.dll
2014-05-12 10:37:16 ----A---- C:\windows\system32\X3DAudio1_7.dll
2014-05-12 10:37:15 ----A---- C:\windows\system32\XAudio2_5.dll
2014-05-12 10:37:14 ----A---- C:\windows\SYSWOW64\xactengine3_5.dll
2014-05-12 10:37:14 ----A---- C:\windows\system32\xactengine3_5.dll
2014-05-12 10:37:13 ----A---- C:\windows\SYSWOW64\d3dcsx_42.dll
2014-05-12 10:37:13 ----A---- C:\windows\SYSWOW64\D3DCompiler_42.dll
2014-05-12 10:37:13 ----A---- C:\windows\system32\d3dcsx_42.dll
2014-05-12 10:37:13 ----A---- C:\windows\system32\D3DCompiler_42.dll
2014-05-12 10:37:12 ----A---- C:\windows\SYSWOW64\d3dx11_42.dll
2014-05-12 10:37:12 ----A---- C:\windows\system32\d3dx11_42.dll
2014-05-12 10:37:04 ----A---- C:\windows\SYSWOW64\D3DX9_42.dll
2014-05-12 10:37:04 ----A---- C:\windows\system32\D3DX9_42.dll
2014-05-12 10:37:02 ----A---- C:\windows\system32\d3dx10_41.dll
2014-05-12 10:37:02 ----A---- C:\windows\system32\D3DCompiler_41.dll
2014-05-12 10:37:00 ----A---- C:\windows\SYSWOW64\D3DX9_41.dll
2014-05-12 10:37:00 ----A---- C:\windows\system32\D3DX9_41.dll
2014-05-12 10:36:56 ----A---- C:\windows\SYSWOW64\XAudio2_4.dll
2014-05-12 10:36:56 ----A---- C:\windows\system32\XAudio2_4.dll
2014-05-12 10:36:56 ----A---- C:\windows\system32\XAPOFX1_3.dll
2014-05-12 10:36:53 ----A---- C:\windows\SYSWOW64\xactengine3_4.dll
2014-05-12 10:36:53 ----A---- C:\windows\system32\xactengine3_4.dll
2014-05-12 10:36:52 ----A---- C:\windows\SYSWOW64\X3DAudio1_6.dll
2014-05-12 10:36:52 ----A---- C:\windows\system32\X3DAudio1_6.dll
2014-05-12 10:36:51 ----A---- C:\windows\SYSWOW64\d3dx10_40.dll
2014-05-12 10:36:51 ----A---- C:\windows\SYSWOW64\D3DCompiler_40.dll
2014-05-12 10:36:51 ----A---- C:\windows\system32\d3dx10_40.dll
2014-05-12 10:36:51 ----A---- C:\windows\system32\D3DCompiler_40.dll
2014-05-12 10:36:50 ----A---- C:\windows\SYSWOW64\XAudio2_3.dll
2014-05-12 10:36:50 ----A---- C:\windows\SYSWOW64\XAPOFX1_2.dll
2014-05-12 10:36:50 ----A---- C:\windows\SYSWOW64\D3DX9_40.dll
2014-05-12 10:36:50 ----A---- C:\windows\system32\XAudio2_3.dll
2014-05-12 10:36:50 ----A---- C:\windows\system32\XAPOFX1_2.dll
2014-05-12 10:36:50 ----A---- C:\windows\system32\D3DX9_40.dll
2014-05-12 10:36:48 ----A---- C:\windows\SYSWOW64\xactengine3_3.dll
2014-05-12 10:36:48 ----A---- C:\windows\SYSWOW64\X3DAudio1_5.dll
2014-05-12 10:36:48 ----A---- C:\windows\system32\xactengine3_3.dll
2014-05-12 10:36:48 ----A---- C:\windows\system32\X3DAudio1_5.dll
2014-05-12 10:36:47 ----A---- C:\windows\SYSWOW64\XAudio2_2.dll
2014-05-12 10:36:47 ----A---- C:\windows\SYSWOW64\XAPOFX1_1.dll
2014-05-12 10:36:47 ----A---- C:\windows\system32\XAudio2_2.dll
2014-05-12 10:36:47 ----A---- C:\windows\system32\XAPOFX1_1.dll
2014-05-12 10:36:45 ----A---- C:\windows\SYSWOW64\xactengine3_2.dll
2014-05-12 10:36:45 ----A---- C:\windows\system32\xactengine3_2.dll
2014-05-12 10:36:44 ----A---- C:\windows\SYSWOW64\d3dx10_39.dll
2014-05-12 10:36:44 ----A---- C:\windows\SYSWOW64\D3DCompiler_39.dll
2014-05-12 10:36:44 ----A---- C:\windows\system32\d3dx10_39.dll
2014-05-12 10:36:44 ----A---- C:\windows\system32\D3DCompiler_39.dll
2014-05-12 10:36:43 ----A---- C:\windows\SYSWOW64\D3DX9_39.dll
2014-05-12 10:36:43 ----A---- C:\windows\system32\D3DX9_39.dll
2014-05-12 10:36:42 ----A---- C:\windows\SYSWOW64\XAudio2_1.dll
2014-05-12 10:36:42 ----A---- C:\windows\SYSWOW64\XAPOFX1_0.dll
2014-05-12 10:36:42 ----A---- C:\windows\system32\XAudio2_1.dll
2014-05-12 10:36:42 ----A---- C:\windows\system32\XAPOFX1_0.dll
2014-05-12 10:36:40 ----A---- C:\windows\SYSWOW64\xactengine3_1.dll
2014-05-12 10:36:40 ----A---- C:\windows\system32\xactengine3_1.dll
2014-05-12 10:36:39 ----A---- C:\windows\SYSWOW64\X3DAudio1_4.dll
2014-05-12 10:36:39 ----A---- C:\windows\system32\X3DAudio1_4.dll
2014-05-12 10:36:24 ----A---- C:\windows\SYSWOW64\d3dx10_38.dll
2014-05-12 10:36:24 ----A---- C:\windows\SYSWOW64\D3DCompiler_38.dll
2014-05-12 10:36:24 ----A---- C:\windows\system32\d3dx10_38.dll
2014-05-12 10:36:24 ----A---- C:\windows\system32\D3DCompiler_38.dll
2014-05-12 10:36:22 ----A---- C:\windows\SYSWOW64\D3DX9_38.dll
2014-05-12 10:36:22 ----A---- C:\windows\system32\D3DX9_38.dll
2014-05-12 10:36:21 ----A---- C:\windows\SYSWOW64\XAudio2_0.dll
2014-05-12 10:36:21 ----A---- C:\windows\system32\XAudio2_0.dll
2014-05-12 10:36:19 ----A---- C:\windows\SYSWOW64\xactengine3_0.dll
2014-05-12 10:36:19 ----A---- C:\windows\system32\xactengine3_0.dll
2014-05-12 10:36:18 ----A---- C:\windows\SYSWOW64\X3DAudio1_3.dll
2014-05-12 10:36:18 ----A---- C:\windows\system32\X3DAudio1_3.dll
2014-05-12 10:36:17 ----A---- C:\windows\SYSWOW64\d3dx10_37.dll
2014-05-12 10:36:17 ----A---- C:\windows\SYSWOW64\D3DCompiler_37.dll
2014-05-12 10:36:17 ----A---- C:\windows\system32\d3dx10_37.dll
2014-05-12 10:36:17 ----A---- C:\windows\system32\D3DCompiler_37.dll
2014-05-12 10:36:16 ----A---- C:\windows\SYSWOW64\D3DX9_37.dll
2014-05-12 10:36:16 ----A---- C:\windows\system32\D3DX9_37.dll
2014-05-12 10:36:14 ----A---- C:\windows\SYSWOW64\xactengine2_10.dll
2014-05-12 10:36:14 ----A---- C:\windows\system32\xactengine2_10.dll
2014-05-12 10:36:10 ----A---- C:\windows\SYSWOW64\d3dx10_36.dll
2014-05-12 10:36:10 ----A---- C:\windows\SYSWOW64\D3DCompiler_36.dll
2014-05-12 10:36:10 ----A---- C:\windows\system32\d3dx10_36.dll
2014-05-12 10:36:10 ----A---- C:\windows\system32\D3DCompiler_36.dll
2014-05-12 10:36:08 ----A---- C:\windows\SYSWOW64\d3dx9_36.dll
2014-05-12 10:36:08 ----A---- C:\windows\system32\d3dx9_36.dll
2014-05-12 10:36:06 ----A---- C:\windows\SYSWOW64\xactengine2_9.dll
2014-05-12 10:36:06 ----A---- C:\windows\system32\xactengine2_9.dll
2014-05-12 10:36:04 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2014-05-12 10:36:04 ----A---- C:\windows\SYSWOW64\d3dx10_35.dll
2014-05-12 10:36:04 ----A---- C:\windows\SYSWOW64\D3DCompiler_35.dll
2014-05-12 10:36:04 ----A---- C:\windows\system32\d3dx9_35.dll
2014-05-12 10:36:04 ----A---- C:\windows\system32\d3dx10_35.dll
2014-05-12 10:36:04 ----A---- C:\windows\system32\D3DCompiler_35.dll
2014-05-12 10:36:03 ----A---- C:\windows\SYSWOW64\xactengine2_8.dll
2014-05-12 10:36:03 ----A---- C:\windows\SYSWOW64\X3DAudio1_2.dll
2014-05-12 10:36:03 ----A---- C:\windows\system32\xactengine2_8.dll
2014-05-12 10:36:03 ----A---- C:\windows\system32\X3DAudio1_2.dll
2014-05-12 10:36:02 ----A---- C:\windows\SYSWOW64\d3dx9_34.dll
2014-05-12 10:36:02 ----A---- C:\windows\SYSWOW64\d3dx10_34.dll
2014-05-12 10:36:02 ----A---- C:\windows\SYSWOW64\D3DCompiler_34.dll
2014-05-12 10:36:02 ----A---- C:\windows\system32\d3dx9_34.dll
2014-05-12 10:36:02 ----A---- C:\windows\system32\d3dx10_34.dll
2014-05-12 10:36:02 ----A---- C:\windows\system32\D3DCompiler_34.dll
2014-05-12 10:36:01 ----A---- C:\windows\SYSWOW64\xinput1_3.dll
2014-05-12 10:36:01 ----A---- C:\windows\system32\xinput1_3.dll
2014-05-12 10:35:57 ----A---- C:\windows\SYSWOW64\xactengine2_7.dll
2014-05-12 10:35:57 ----A---- C:\windows\system32\xactengine2_7.dll
2014-05-12 10:35:56 ----A---- C:\windows\SYSWOW64\d3dx10_33.dll
2014-05-12 10:35:56 ----A---- C:\windows\SYSWOW64\D3DCompiler_33.dll
2014-05-12 10:35:56 ----A---- C:\windows\system32\d3dx10_33.dll
2014-05-12 10:35:56 ----A---- C:\windows\system32\D3DCompiler_33.dll
2014-05-12 10:35:55 ----A---- C:\windows\SYSWOW64\d3dx9_33.dll
2014-05-12 10:35:55 ----A---- C:\windows\system32\d3dx9_33.dll
2014-05-12 10:35:54 ----A---- C:\windows\SYSWOW64\xactengine2_6.dll
2014-05-12 10:35:54 ----A---- C:\windows\system32\xactengine2_6.dll
2014-05-12 10:35:51 ----A---- C:\windows\SYSWOW64\xactengine2_5.dll
2014-05-12 10:35:51 ----A---- C:\windows\system32\xactengine2_5.dll
2014-05-12 10:35:50 ----A---- C:\windows\SYSWOW64\d3dx10.dll
2014-05-12 10:35:50 ----A---- C:\windows\system32\d3dx10.dll
2014-05-12 10:35:47 ----A---- C:\windows\SYSWOW64\xactengine2_4.dll
2014-05-12 10:35:47 ----A---- C:\windows\SYSWOW64\x3daudio1_1.dll
2014-05-12 10:35:47 ----A---- C:\windows\system32\xactengine2_4.dll
2014-05-12 10:35:47 ----A---- C:\windows\system32\x3daudio1_1.dll
2014-05-12 10:35:46 ----A---- C:\windows\SYSWOW64\d3dx9_31.dll
2014-05-12 10:35:46 ----A---- C:\windows\system32\d3dx9_31.dll
2014-05-12 10:35:45 ----A---- C:\windows\SYSWOW64\xactengine2_3.dll
2014-05-12 10:35:45 ----A---- C:\windows\system32\xactengine2_3.dll
2014-05-12 10:35:44 ----A---- C:\windows\SYSWOW64\xinput1_2.dll
2014-05-12 10:35:44 ----A---- C:\windows\system32\xinput1_2.dll
2014-05-12 10:35:42 ----A---- C:\windows\SYSWOW64\xactengine2_2.dll
2014-05-12 10:35:42 ----A---- C:\windows\system32\xactengine2_2.dll
2014-05-12 10:35:41 ----A---- C:\windows\SYSWOW64\xinput1_1.dll
2014-05-12 10:35:41 ----A---- C:\windows\system32\xinput1_1.dll
2014-05-12 10:35:40 ----A---- C:\windows\SYSWOW64\xactengine2_1.dll
2014-05-12 10:35:40 ----A---- C:\windows\system32\xactengine2_1.dll
2014-05-12 10:35:21 ----A---- C:\windows\SYSWOW64\d3dx9_30.dll
2014-05-12 10:35:21 ----A---- C:\windows\system32\d3dx9_30.dll
2014-05-12 10:35:15 ----A---- C:\windows\SYSWOW64\xactengine2_0.dll
2014-05-12 10:35:15 ----A---- C:\windows\SYSWOW64\x3daudio1_0.dll
2014-05-12 10:35:15 ----A---- C:\windows\SYSWOW64\d3dx9_29.dll
2014-05-12 10:35:15 ----A---- C:\windows\system32\xactengine2_0.dll
2014-05-12 10:35:15 ----A---- C:\windows\system32\x3daudio1_0.dll
2014-05-12 10:35:15 ----A---- C:\windows\system32\d3dx9_29.dll
2014-05-12 10:35:11 ----A---- C:\windows\SYSWOW64\d3dx9_28.dll
2014-05-12 10:35:11 ----A---- C:\windows\system32\d3dx9_28.dll
2014-05-12 10:35:10 ----A---- C:\windows\SYSWOW64\d3dx9_27.dll
2014-05-12 10:35:10 ----A---- C:\windows\SYSWOW64\d3dx9_26.dll
2014-05-12 10:35:10 ----A---- C:\windows\system32\d3dx9_27.dll
2014-05-12 10:35:10 ----A---- C:\windows\system32\d3dx9_26.dll
2014-05-12 10:35:09 ----A---- C:\windows\SYSWOW64\d3dx9_25.dll
2014-05-12 10:35:09 ----A---- C:\windows\system32\d3dx9_25.dll
2014-05-12 10:35:08 ----A---- C:\windows\SYSWOW64\d3dx9_24.dll
2014-05-12 10:35:08 ----A---- C:\windows\system32\d3dx9_24.dll
2014-05-12 10:30:17 ----D---- C:\Program Files (x86)\Origin Games
2014-05-12 10:26:52 ----D---- C:\Users\Rubec\AppData\Roaming\Origin
2014-05-12 10:23:19 ----D---- C:\ProgramData\Origin
2014-05-12 10:23:18 ----D---- C:\ProgramData\Electronic Arts
2014-05-12 10:22:52 ----D---- C:\Program Files (x86)\Origin
2014-05-07 21:08:23 ----A---- C:\windows\system32\drivers\aswHwid.sys
2014-05-07 21:08:20 ----A---- C:\windows\avastSS.scr
2014-05-07 21:08:14 ----A---- C:\windows\system32\drivers\aswndisflt.sys
2014-05-06 08:14:02 ----D---- C:\ProgramData\EPSON
2014-05-06 08:11:36 ----D---- C:\Program Files (x86)\Adobe
2014-05-06 08:11:25 ----D---- C:\ProgramData\Adobe
2014-05-05 13:33:13 ----D---- C:\ProgramData\YTD Video Downloader
2014-05-05 13:32:59 ----D---- C:\Program Files (x86)\GreenTree Applications
2014-05-05 13:15:08 ----D---- C:\Program Files\Microsoft Silverlight
2014-05-05 13:15:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-05-05 12:49:54 ----D---- C:\hudba
2014-05-05 12:42:22 ----D---- C:\Users\Rubec\AppData\Roaming\ProgSense
2014-05-05 12:42:22 ----D---- C:\Downloads
2014-05-05 12:37:05 ----D---- C:\Program Files (x86)\Orbitdownloader
2014-05-05 12:36:06 ----D---- C:\Users\Rubec\AppData\Roaming\Orbit
2014-05-05 00:22:07 ----D---- C:\Users\Rubec\AppData\Roaming\Macromedia
2014-05-05 00:22:07 ----D---- C:\Users\Rubec\AppData\Roaming\Adobe
2014-05-05 00:11:26 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-05-05 00:11:24 ----D---- C:\windows\system32\Macromed
2014-05-02 15:55:57 ----D---- C:\Program Files (x86)\MyPC Backup
2014-05-02 15:38:25 ----D---- C:\windows\Minidump
2014-04-26 22:10:12 ----D---- C:\Users\Rubec\AppData\Roaming\Unity
2014-04-25 22:21:41 ----D---- C:\ProgramData\Oracle
2014-04-25 20:47:02 ----D---- C:\ProgramData\Sun
2014-04-25 20:46:53 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-04-25 20:46:49 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-04-25 20:46:49 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-04-25 20:46:49 ----A---- C:\windows\SYSWOW64\java.exe
2014-04-25 20:46:44 ----D---- C:\Program Files (x86)\Java
2014-04-25 20:43:17 ----D---- C:\Users\Rubec\AppData\Roaming\.minecraft

======List of files/folders modified in the last 1 month======

2014-05-24 20:17:39 ----D---- C:\windows\Prefetch
2014-05-24 20:17:37 ----D---- C:\windows\Temp
2014-05-24 20:17:34 ----RD---- C:\Program Files
2014-05-24 20:17:24 ----D---- C:\Users\Rubec\AppData\Roaming\uTorrent
2014-05-24 20:16:06 ----SHD---- C:\windows\Installer
2014-05-24 20:14:40 ----D---- C:\windows\System32
2014-05-24 20:14:40 ----D---- C:\windows\inf
2014-05-24 20:14:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-05-24 20:12:42 ----RD---- C:\Program Files (x86)
2014-05-24 20:11:27 ----D---- C:\windows\Tasks
2014-05-24 20:11:27 ----D---- C:\windows\system32\Tasks
2014-05-24 20:10:26 ----A---- C:\windows\SYSWOW64\log.txt
2014-05-24 20:08:27 ----D---- C:\windows\system32\config
2014-05-24 20:08:24 ----D---- C:\Windows
2014-05-24 20:08:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 20:07:45 ----D---- C:\The KMPlayer
2014-05-21 23:32:22 ----D---- C:\Games - instal
2014-05-21 22:44:29 ----D---- C:\serialy
2014-05-20 19:02:32 ----D---- C:\windows\SysWOW64
2014-05-18 22:14:19 ----D---- C:\windows\system32\drivers
2014-05-15 09:39:11 ----D---- C:\windows\Logs
2014-05-12 10:37:41 ----HD---- C:\ProgramData
2014-05-12 10:37:32 ----D---- C:\Program Files (x86)\Common Files
2014-05-12 10:35:40 ----RSD---- C:\windows\assembly
2014-05-12 10:35:22 ----D---- C:\windows\Microsoft.NET
2014-05-07 21:09:17 ----D---- C:\windows\system32\DriverStore
2014-05-07 21:09:17 ----D---- C:\windows\system32\catroot
2014-05-07 21:08:20 ----A---- C:\windows\system32\aswBoot.exe
2014-05-05 00:22:07 ----SD---- C:\Users\Rubec\AppData\Roaming\Microsoft
2014-05-03 09:11:50 ----D---- C:\windows\system32\NDF
2014-04-26 09:03:52 ----D---- C:\windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\windows\system32\DRIVERS\aswNdisFlt.sys [2014-05-15 447888]
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-05-07 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-05-07 208416]
R0 HybridDisk;HybridDisk; C:\windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-02 38496]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2013-11-05 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-01-19 25960]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2014-04-03 28184]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-05-07 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-01 283064]
R1 hybridcfile;hybridcfile; C:\windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-02 13920]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 winioex;winioex; C:\windows\system32\drivers\winioex.sys [2013-11-05 15456]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-05-07 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-05-07 79184]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2013-11-05 29792]
R3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 DelayMan;ACPI DelayMan Filter Service; C:\windows\system32\DRIVERS\delayman.sys [2013-11-05 20064]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12262336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-02-22 2750312]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-06 411688]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtsuvc;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2011-02-23 8199016]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-12-17 1404464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wdkmd;Intel WiDi KMD; C:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-07 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-05-07 109048]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-01-19 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-19 2009704]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-24 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Roli]

Zdravím, smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.


Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !

[Rubec]

AdwCleaner log:

# AdwCleaner v3.210 - Report created 25/05/2014 at 19:42:33
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Rubec - RUBEC-PC
# Running from : C:\Users\Rubec\Desktop\adwcleaner_3.210.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
Folder Found : C:\Program Files (x86)\GreenTree Applications
Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\Program Files (x86)\orbitdownloader
Folder Found : C:\Users\Rubec\AppData\Local\NativeMessaging
Folder Found : C:\Users\Rubec\AppData\Local\Tbccint

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Rubec\AppData\Roaming\Mozilla\Firefox\Profiles\b5el81x0.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Rubec\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1302 octets] - [25/05/2014 19:42:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1362 octets] ##########

[Rubec]

Mbam log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.5.2014
Čas skenování: 19:45:24
Protokol: nevim.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.05.25.04
Databáze rootkitů: v2014.05.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7
CPU: x64
Souborový systém: NTFS
Uživatel: Rubec

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 283884
Uplynulý čas: 4 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-270100528-1877774927-3815561456-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [5741d0857902999dcb29d6befd0507f9],

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 3
HackTool.Wpakill, C:\Users\Rubec\Desktop\RemoveWAT21.rar, , [85136aebe49758de315dd37829d79f61],
PUP.Optional.Spigot.A, C:\Users\Rubec\Downloads\YTDSetup.exe, , [514765f0c8b31a1c89f657cf6e92a25e],
PUP.Optional.OpenCandy, C:\Users\Rubec\Downloads\DTLite4491-0356.exe, , [9ff985d03c3f1f17580d3348d62ee719],

Fyzické sektory: 0
(No malicious items detected)


(end)

[Roli]

Znovu spusť AdwCleaner ale tentokrát klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zase zkopíruj Report.


To co Mbam našel nech vše smazat.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[Rubec]

ADWcleaner log:

# AdwCleaner v3.211 - Report created 26/05/2014 at 19:54:56
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Rubec - RUBEC-PC
# Running from : C:\Users\Rubec\Downloads\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\orbitdownloader
Folder Deleted : C:\Users\Rubec\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Rubec\AppData\Local\Tbccint
Folder Deleted : C:\Users\Rubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnelgfmpooffemibikhmcklfnnimgijo
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fnelgfmpooffemibikhmcklfnnimgijo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fnelgfmpooffemibikhmcklfnnimgijo
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Rubec\AppData\Roaming\Mozilla\Firefox\Profiles\b5el81x0.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Rubec\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1446 octets] - [25/05/2014 19:42:33]
AdwCleaner[R1].txt - [1846 octets] - [26/05/2014 19:54:07]
AdwCleaner[S0].txt - [1693 octets] - [26/05/2014 19:54:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1753 octets] ##########

[Rubec]

ComboFix log:

ComboFix 14-05-26.02 - Rubec 26.05.2014 20:11:49.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.8136.6037 [GMT 2:00]
Spuštěný z: c:\users\Rubec\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-26 do 2014-05-26 )))))))))))))))))))))))))))))))
.
.
2014-05-26 18:16 . 2014-05-26 18:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-05-26 18:16 . 2014-05-26 18:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-25 17:42 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-25 17:42 . 2014-05-26 17:55 -------- d-----w- C:\AdwCleaner
2014-05-25 17:39 . 2014-05-26 18:07 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-25 17:38 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-25 17:38 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-25 17:38 . 2014-05-25 17:38 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-25 17:38 . 2014-05-25 17:38 -------- d-----w- c:\programdata\Malwarebytes
2014-05-25 17:38 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-24 18:17 . 2014-05-24 18:17 -------- d-----w- C:\rsit
2014-05-24 18:17 . 2014-05-24 18:17 -------- d-----w- c:\program files\trend micro
2014-05-24 18:11 . 2014-05-24 18:12 -------- d-----w- c:\program files (x86)\Google
2014-05-24 18:11 . 2014-05-24 18:12 -------- d-----w- c:\users\Rubec\AppData\Local\Google
2014-05-23 06:01 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2DA6486D-11E0-4C7F-AE3D-1D76D48E8BEB}\mpengine.dll
2014-05-12 08:36 . 2009-09-04 15:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2014-05-12 08:35 . 2007-04-04 16:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2014-05-12 08:30 . 2014-05-12 08:30 -------- d-----w- c:\program files (x86)\Origin Games
2014-05-12 08:26 . 2014-05-12 08:30 -------- d-----w- c:\users\Rubec\AppData\Roaming\Origin
2014-05-12 08:26 . 2014-05-12 08:37 -------- d-----w- c:\users\Rubec\AppData\Local\Origin
2014-05-12 08:23 . 2014-05-12 08:30 -------- d-----w- c:\programdata\Origin
2014-05-12 08:23 . 2014-05-12 08:37 -------- d-----w- c:\programdata\Electronic Arts
2014-05-12 08:22 . 2014-05-12 08:29 -------- d-----w- c:\program files (x86)\Origin
2014-05-07 19:08 . 2014-05-07 19:08 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-07 19:08 . 2014-05-07 19:08 43152 ----a-w- c:\windows\avastSS.scr
2014-05-07 19:08 . 2014-05-15 19:08 447888 ----a-w- c:\windows\system32\drivers\aswndisflt.sys
2014-05-06 06:14 . 2014-05-06 06:14 -------- d-----w- c:\programdata\EPSON
2014-05-06 06:11 . 2014-05-06 06:11 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-05-06 06:10 . 2014-05-06 06:12 -------- d-----w- c:\users\Rubec\AppData\Local\Adobe
2014-05-05 11:33 . 2014-05-05 11:33 -------- d-----w- c:\programdata\YTD Video Downloader
2014-05-05 11:15 . 2014-05-05 11:15 -------- d-----w- c:\program files\Microsoft Silverlight
2014-05-05 11:15 . 2014-05-05 11:15 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-05 10:49 . 2014-05-05 19:24 -------- d-----w- C:\hudba
2014-05-05 10:42 . 2014-05-05 10:42 -------- d-----w- c:\users\Rubec\AppData\Roaming\ProgSense
2014-05-05 10:42 . 2014-05-05 10:42 -------- d-----w- C:\Downloads
2014-05-05 10:36 . 2014-05-05 11:10 -------- d-----w- c:\users\Rubec\AppData\Roaming\Orbit
2014-05-04 22:22 . 2014-05-04 22:22 -------- d-----w- c:\users\Rubec\AppData\Local\Macromedia
2014-05-04 22:11 . 2014-05-14 18:32 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-04 22:11 . 2014-05-14 18:32 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-04 22:11 . 2014-05-04 22:11 -------- d-----w- c:\windows\system32\Macromed
2014-05-02 21:42 . 2014-05-06 07:33 -------- d-----w- c:\users\Rubec\AppData\Local\ElevatedDiagnostics
2014-05-02 21:42 . 2014-05-02 21:42 -------- d-----w- c:\users\Rubec\AppData\Local\Diagnostics
2014-04-26 20:10 . 2014-04-26 20:10 -------- d-----w- c:\users\Rubec\AppData\Roaming\Unity
2014-04-26 19:38 . 2014-04-26 19:38 -------- d-----w- c:\users\Rubec\AppData\Local\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 19:08 . 2014-04-01 20:34 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 19:08 . 2014-04-01 20:34 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-15 19:08 . 2014-04-01 20:34 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-07 19:08 . 2014-04-01 20:34 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-07 19:08 . 2014-04-01 20:34 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-07 19:08 . 2014-04-01 20:34 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-07 19:08 . 2014-04-01 20:34 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-07 19:08 . 2014-04-01 20:34 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-25 18:46 . 2014-04-25 18:46 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-02 22:21 . 2014-04-01 20:34 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-04-01 16:08 . 2010-06-24 11:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-01 16:04 . 2014-04-01 16:04 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-31 07:35 . 2014-04-01 16:23 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2014-04-01 399224]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2014-01-14 2513992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-26 3888648]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridDiskX64.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridCFileX64.sys [x]
S1 winioex;winioex;c:\windows\system32\drivers\winioex.sys;c:\windows\SYSNATIVE\drivers\winioex.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 DelayMan;ACPI DelayMan Filter Service;c:\windows\system32\DRIVERS\delayman.sys;c:\windows\SYSNATIVE\DRIVERS\delayman.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-24 18:12 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-04 18:32]
.
2014-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24 18:11]
.
2014-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24 18:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-07 19:08 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-18 11779176]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2013-11-05 789920]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-11-05 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-11-05 5908928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 88.103.252.2 194.228.2.1
FF - ProfilePath - c:\users\Rubec\AppData\Roaming\Mozilla\Firefox\Profiles\b5el81x0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-05-26 20:19:05
ComboFix-quarantined-files.txt 2014-05-26 18:19
.
Před spuštěním: Volných bajtů: 376 149 889 024
Po spuštění: Volných bajtů: 376 024 625 152
.
- - End Of File - - F65D9113CBCC3CA2837E2E0A2401EC6D
131324C4A886BCFCF46949DE8E4DE619

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock::  
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[Rubec]

ComboFix 14-05-26.02 - Rubec 27.05.2014 22:21:19.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.8136.6460 [GMT 2:00]
Spuštěný z: c:\users\Rubec\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Rubec\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-27 do 2014-05-27 )))))))))))))))))))))))))))))))
.
.
2014-05-27 20:25 . 2014-05-27 20:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-05-27 20:25 . 2014-05-27 20:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-27 12:24 . 2014-05-27 12:24 -------- d-----w- c:\users\Rubec\AppData\Roaming\4Media
2014-05-27 12:21 . 2014-05-27 12:21 -------- d-----w- c:\programdata\4Media
2014-05-27 12:21 . 2014-05-27 12:21 -------- d-----w- c:\program files (x86)\4Media
2014-05-27 08:44 . 2014-05-27 08:44 -------- d-----w- c:\program files (x86)\GreenTree Applications
2014-05-27 08:26 . 2014-05-27 08:26 -------- d-----w- c:\users\Rubec\AppData\Local\Skype
2014-05-27 08:26 . 2014-05-27 20:12 -------- d-----w- c:\users\Rubec\AppData\Roaming\Skype
2014-05-27 08:26 . 2014-05-27 08:26 -------- d-----r- c:\program files (x86)\Skype
2014-05-27 08:26 . 2014-05-27 08:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-27 08:26 . 2014-05-27 08:26 -------- d-----w- c:\programdata\Skype
2014-05-25 17:42 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-25 17:42 . 2014-05-26 17:55 -------- d-----w- C:\AdwCleaner
2014-05-25 17:39 . 2014-05-26 18:07 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-25 17:38 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-25 17:38 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-25 17:38 . 2014-05-25 17:38 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-25 17:38 . 2014-05-25 17:38 -------- d-----w- c:\programdata\Malwarebytes
2014-05-25 17:38 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-24 18:17 . 2014-05-24 18:17 -------- d-----w- C:\rsit
2014-05-24 18:17 . 2014-05-24 18:17 -------- d-----w- c:\program files\trend micro
2014-05-24 18:11 . 2014-05-24 18:12 -------- d-----w- c:\program files (x86)\Google
2014-05-24 18:11 . 2014-05-24 18:12 -------- d-----w- c:\users\Rubec\AppData\Local\Google
2014-05-23 06:01 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2DA6486D-11E0-4C7F-AE3D-1D76D48E8BEB}\mpengine.dll
2014-05-12 08:36 . 2009-09-04 15:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2014-05-12 08:35 . 2007-04-04 16:55 403304 ----a-w- c:\windows\system32\xactengine2_7.dll
2014-05-12 08:30 . 2014-05-12 08:30 -------- d-----w- c:\program files (x86)\Origin Games
2014-05-12 08:26 . 2014-05-12 08:30 -------- d-----w- c:\users\Rubec\AppData\Roaming\Origin
2014-05-12 08:26 . 2014-05-12 08:37 -------- d-----w- c:\users\Rubec\AppData\Local\Origin
2014-05-12 08:23 . 2014-05-12 08:30 -------- d-----w- c:\programdata\Origin
2014-05-12 08:23 . 2014-05-12 08:37 -------- d-----w- c:\programdata\Electronic Arts
2014-05-12 08:22 . 2014-05-12 08:29 -------- d-----w- c:\program files (x86)\Origin
2014-05-07 19:08 . 2014-05-07 19:08 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-07 19:08 . 2014-05-07 19:08 43152 ----a-w- c:\windows\avastSS.scr
2014-05-07 19:08 . 2014-05-15 19:08 447888 ----a-w- c:\windows\system32\drivers\aswndisflt.sys
2014-05-06 06:14 . 2014-05-06 06:14 -------- d-----w- c:\programdata\EPSON
2014-05-06 06:11 . 2014-05-06 06:11 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-05-06 06:10 . 2014-05-06 06:12 -------- d-----w- c:\users\Rubec\AppData\Local\Adobe
2014-05-05 11:33 . 2014-05-27 08:44 -------- d-----w- c:\programdata\YTD Video Downloader
2014-05-05 11:15 . 2014-05-05 11:15 -------- d-----w- c:\program files\Microsoft Silverlight
2014-05-05 11:15 . 2014-05-05 11:15 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-05 10:49 . 2014-05-27 13:21 -------- d-----w- C:\hudba
2014-05-05 10:42 . 2014-05-05 10:42 -------- d-----w- c:\users\Rubec\AppData\Roaming\ProgSense
2014-05-05 10:42 . 2014-05-05 10:42 -------- d-----w- C:\Downloads
2014-05-05 10:36 . 2014-05-05 11:10 -------- d-----w- c:\users\Rubec\AppData\Roaming\Orbit
2014-05-04 22:22 . 2014-05-04 22:22 -------- d-----w- c:\users\Rubec\AppData\Local\Macromedia
2014-05-04 22:11 . 2014-05-14 18:32 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-04 22:11 . 2014-05-14 18:32 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-04 22:11 . 2014-05-04 22:11 -------- d-----w- c:\windows\system32\Macromed
2014-05-02 21:42 . 2014-05-06 07:33 -------- d-----w- c:\users\Rubec\AppData\Local\ElevatedDiagnostics
2014-05-02 21:42 . 2014-05-02 21:42 -------- d-----w- c:\users\Rubec\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 19:08 . 2014-04-01 20:34 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 19:08 . 2014-04-01 20:34 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-15 19:08 . 2014-04-01 20:34 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-07 19:08 . 2014-04-01 20:34 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-07 19:08 . 2014-04-01 20:34 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-07 19:08 . 2014-04-01 20:34 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-07 19:08 . 2014-04-01 20:34 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-07 19:08 . 2014-04-01 20:34 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-25 18:46 . 2014-04-25 18:46 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-02 22:21 . 2014-04-01 20:34 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-04-01 16:08 . 2010-06-24 11:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-01 16:04 . 2014-04-01 16:04 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-31 07:35 . 2014-04-01 16:23 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2014-04-01 399224]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2014-01-14 2513992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-26 3888648]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"20140526"="c:\program files\AVAST Software\Avast\setup\emupdate\c0c0ee45-2903-430c-8b7b-e728ebf74df7.exe" [2014-05-27 182720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridDiskX64.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridCFileX64.sys [x]
S1 winioex;winioex;c:\windows\system32\drivers\winioex.sys;c:\windows\SYSNATIVE\drivers\winioex.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 DelayMan;ACPI DelayMan Filter Service;c:\windows\system32\DRIVERS\delayman.sys;c:\windows\SYSNATIVE\DRIVERS\delayman.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-24 18:12 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-04 18:32]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24 18:11]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-24 18:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-07 19:08 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-18 11779176]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2013-11-05 789920]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-11-05 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-11-05 5908928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 158.194.128.3 158.194.128.123
FF - ProfilePath - c:\users\Rubec\AppData\Roaming\Mozilla\Firefox\Profiles\b5el81x0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
Celkový čas: 2014-05-27 22:26:39
ComboFix-quarantined-files.txt 2014-05-27 20:26
ComboFix2.txt 2014-05-26 18:19
.
Před spuštěním: Volných bajtů: 374 261 006 336
Po spuštění: Volných bajtů: 374 241 587 200
.
- - End Of File - - 755C797D743F73E493DD5E60FFA86B1E
131324C4A886BCFCF46949DE8E4DE619

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.

[Rubec]

Zdravím a omlouvám se za pozdní odpověd.. byl jsem mimo PC. Jinak, počítač už šlape dobře, chrome začal fungovat, jak má a vůbec se nezasekává Jediný problém co se objevil je, že mi v pravo v liště zmizeli programky, jako je antivir, atd.. a nejdou nahodit zpět (vypínat šťíty antviru tím, že ho musím zapnout a najet do nastavení, atd.. je otrava ) a ještě, kdyź tam rozkliknu " Zobrazit skryté ikony " tak se misto nápisu CS klávesnice zobrazí bílí odélník Snad to půjde nějak lehce opravit.
PS: během psaní jsem zjistil ještě jeden problém, bohužel na tom samém místě, jak všechny ostatní Ohlašování problémů ve winů.. jakmile win začne hlásit nějaký problém např. vypnutý antivir tak ta hláška tam bliká jak blázen dokud nezmizí po nějaké době.. je to docela dost otravné, jak to bliká... :/

Díky.
Rubec

[Roli]

Antivir a ty ostatní ikony by měli jít nastavit ve Vlastnostech oznamovací oblasti.

Sedmičky tu nemám, ale tak nějak to bude, myslím že by to mělo jít i přes tu vlaječku.

[Rubec]

Tam jsem to právě zkoušel... naběhlo mi akorát Bluetooth a ovladač grafiky... ten avast nenaběhl.. navíc v těch upozorněních windows (vlaječka) mi to furt háže dialogové okno, že je antivirus vypnutý a přitom vše běží... Zkusím se v tom ještě nějak porýpat, snad na něco přijdu, ale moc tomu nedávám.. Jinak díky za pomoc, PC teď šlape suprově. Zachránil jste mě před reinstalací winu

[Roli]

... ten avast nenaběhl..

Tak ho reinstaluj, tím nic nepokazíš a mrkni také do Centra akcí nebo jak se to jmenuje.

Než to tu zamknu dej vědět

[Rubec]

Opět trochu se spožděním... Nebyl jsem dostupný.. Ten Avast už je OK a naběhli i další věci.. všechno nějak spravila náhlá modrá smrt.. Hleděl jsem jak blběj, ale poprvé jsem ji měl rád. Akorát mi kvůli ní zase nefunguje chrome.. ale to už bude problém jinde, ikdyž to dělá to samé, co předtím. Tak tedy díky za pomoc a vyčištění PC a můžete to tu asi LOCK