VIRY.CZ

Dobrý den,

prosím o kontrolu logu.
Start počítače do přihlášení trvá 3 minuty, po přihlášení do použitelného stavu dalších pět minut. IE po spuštění načítá pofidérní stránku, které se nejde zbavit. Celková pomalost počítače.

Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by v at 2015-07-21 13:46:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 38 GB (18%) free of 211 GB
Total RAM: 3060 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:46:51, on 21.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\SFK\SFKEX.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Model\cmssservice\cmssservice.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Model\java\bin\java.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K63R67U1\RSIT.exe
C:\Program Files\trend micro\v.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts ... S2615S2615
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=dsp ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=dsp ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hppp&ts ... S2615S2615
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hppp&ts ... S2615S2615
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [RotateImage] C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [HP LaserJet 400 MFP M425 Series Fax] C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet 400 MFP M425 Series Fax"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: addToTrustedSites.vbs
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: cmssservice.lnk = C:\Model\cmssservice\cmssservice.exe
O4 - Global Startup: runModel.vbs
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.http://127.0.0.1
O15 - Trusted Zone: *.http://localhost
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IHProtect Service - XTab system - C:\Program Files\MiuiTab\ProtectService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SSFK - TODO: <???> - C:\Program Files\SFK\SSFK.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 13024 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverNavigator Scheduled Scan.job - C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe --scan
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\uaclauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\uaclauncher.exe -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-24 2221352]
"IMSS"=C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-05-03 112152]
"RotateImage"=C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe [2008-10-31 31744]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2010-07-02 337256]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2010-07-27 69560]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-15 307768]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2011-01-15 54632]
"Lenovo Registration"=C:\Program Files\Lenovo Registration\LenovoReg.exe [2011-02-09 4309184]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2011-04-14 31592]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"StatusAlerts"=C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2012-07-18 313248]
"HP LaserJet 400 MFP M425 Series Fax"=C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [2014-08-14 2459888]
"gmsd_re_120"= []
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-21 6109776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2015-03-18 720064]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-06-01 6405912]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
addToTrustedSites.vbs
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
cmssservice.lnk - C:\Model\cmssservice\cmssservice.exe
runModel.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm
"msacm.mpegacm"=mpegacm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2015-07-21 13:25:23 ----D---- C:\Users\v\AppData\Roaming\AVAST Software
2015-07-21 13:24:04 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-07-21 13:24:04 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-07-21 13:24:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-07-21 13:24:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-07-21 13:24:03 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-07-21 13:24:03 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-07-21 13:24:03 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-07-21 13:24:02 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-07-21 13:24:01 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-07-21 13:23:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-21 13:23:21 ----A---- C:\Windows\avastSS.scr
2015-07-21 13:22:30 ----D---- C:\Program Files\AVAST Software
2015-07-21 13:21:59 ----D---- C:\ProgramData\AVAST Software
2015-07-21 13:05:15 ----D---- C:\Program Files\CCleaner
2015-07-21 12:56:04 ----D---- C:\Program Files\trend micro
2015-07-21 12:56:03 ----D---- C:\rsit
2015-07-21 10:33:08 ----D---- C:\ProgramData\Symantec
2015-07-21 10:31:27 ----D---- C:\ProgramData\Norton
2015-07-21 10:14:02 ----A---- C:\Program Files\SSFK.exe
2015-07-21 09:34:05 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 09:34:05 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 09:34:05 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 09:34:05 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 09:34:05 ----A---- C:\Windows\system32\atmfd.dll
2015-07-20 03:33:33 ----D---- C:\93dec2fdce063c6d67c950b9
2015-07-20 03:25:15 ----A---- C:\Windows\system32\perf-MSSQL$ELISKA4CLIENT-sqlctr10.52.4042.0.dll
2015-07-20 01:30:25 ----D---- C:\Program Files\SFK
2015-07-19 23:57:16 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-19 23:57:14 ----A---- C:\Windows\system32\win32k.sys
2015-07-19 23:56:58 ----A---- C:\Windows\system32\kerberos.dll
2015-07-19 23:56:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-19 23:56:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-19 23:56:56 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-19 23:56:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-19 23:56:55 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-19 23:56:55 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-19 23:56:55 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-19 23:56:54 ----A---- C:\Windows\system32\wdigest.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\sspicli.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\schannel.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\secur32.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\msobjs.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\msaudite.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\lsass.exe
2015-07-19 23:56:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-19 23:56:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\credssp.dll
2015-07-19 23:56:54 ----A---- C:\Windows\system32\auditpol.exe
2015-07-19 23:56:54 ----A---- C:\Windows\system32\adtschema.dll
2015-07-19 23:56:35 ----A---- C:\Windows\system32\msi.dll
2015-07-19 23:56:35 ----A---- C:\Windows\system32\authui.dll
2015-07-19 23:56:34 ----A---- C:\Windows\system32\msimsg.dll
2015-07-19 23:56:34 ----A---- C:\Windows\system32\msihnd.dll
2015-07-19 23:56:34 ----A---- C:\Windows\system32\msiexec.exe
2015-07-19 23:56:34 ----A---- C:\Windows\system32\consent.exe
2015-07-19 23:56:34 ----A---- C:\Windows\system32\appinfo.dll
2015-07-19 23:56:07 ----A---- C:\Windows\system32\ole32.dll
2015-07-19 23:56:04 ----A---- C:\Windows\system32\appraiser.dll
2015-07-19 23:56:04 ----A---- C:\Windows\system32\aeinv.dll
2015-07-19 23:56:03 ----A---- C:\Windows\system32\invagent.dll
2015-07-19 23:56:03 ----A---- C:\Windows\system32\generaltel.dll
2015-07-19 23:56:01 ----A---- C:\Windows\system32\devinv.dll
2015-07-19 23:56:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-19 23:56:01 ----A---- C:\Windows\system32\acmigration.dll
2015-07-19 23:56:00 ----A---- C:\Windows\system32\aepdu.dll
2015-07-19 23:55:58 ----A---- C:\Windows\system32\gdi32.dll
2015-07-19 23:55:49 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-19 23:55:49 ----A---- C:\Windows\system32\crypt32.dll
2015-07-19 23:55:48 ----A---- C:\Windows\system32\wintrust.dll
2015-07-19 23:55:48 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-19 23:55:27 ----A---- C:\Windows\system32\wuapp.exe
2015-07-19 23:55:27 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wups2.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wups.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wudriver.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wucltux.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-19 23:55:26 ----A---- C:\Windows\system32\wuapi.dll
2015-07-19 23:55:26 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-19 23:55:13 ----A---- C:\Windows\system32\jscript9.dll
2015-07-19 23:55:12 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-19 23:55:10 ----A---- C:\Windows\system32\urlmon.dll
2015-07-19 23:55:09 ----A---- C:\Windows\system32\ieui.dll
2015-07-19 23:55:09 ----A---- C:\Windows\system32\ieframe.dll
2015-07-19 23:55:08 ----A---- C:\Windows\system32\mshtml.dll
2015-07-19 23:55:07 ----A---- C:\Windows\system32\iertutil.dll
2015-07-19 23:54:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-19 23:54:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-19 23:54:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-19 23:54:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-19 23:54:58 ----A---- C:\Windows\system32\iernonce.dll
2015-07-19 23:54:58 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-19 23:54:58 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-19 23:54:57 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-19 23:54:57 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-19 23:54:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-19 23:54:56 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-19 23:54:56 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-19 23:54:55 ----A---- C:\Windows\system32\msrating.dll
2015-07-19 23:54:55 ----A---- C:\Windows\system32\iesetup.dll
2015-07-19 23:54:54 ----A---- C:\Windows\system32\wininet.dll
2015-07-19 23:54:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-19 23:54:53 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-19 23:54:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-19 23:54:50 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-19 23:54:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-19 23:54:46 ----A---- C:\Windows\system32\vbscript.dll
2015-07-19 23:54:46 ----A---- C:\Windows\system32\jscript.dll
2015-06-30 09:46:08 ----D---- C:\0ee66f0ee239e4a1cd4a4db45a18e6
2015-06-24 01:29:00 ----A---- C:\Windows\system32\FM20.DLL
2015-06-16 22:28:26 ----D---- C:\Program Files\MiuiTab
2015-06-10 10:43:51 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 10:43:46 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 10:42:51 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 10:42:44 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 10:42:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-06-10 10:42:42 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 10:42:41 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 10:42:39 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 10:42:38 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 10:42:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:42:36 ----A---- C:\Windows\system32\logman.exe
2015-06-10 10:42:35 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 10:42:35 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 10:42:34 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 10:42:34 ----A---- C:\Windows\system32\smss.exe
2015-06-10 10:42:33 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 10:42:33 ----A---- C:\Windows\system32\relog.exe
2015-06-10 10:42:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 10:42:32 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 10:42:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 10:42:28 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 10:42:05 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 10:42:04 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 10:42:04 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 10:42:03 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 10:42:02 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 10:42:01 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:42:00 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:42:00 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 10:42:00 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:41:59 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:41:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:41:57 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:41:43 ----A---- C:\Windows\system32\comctl32.dll
2015-05-24 19:31:41 ----D---- C:\Drivers
2015-05-24 19:23:06 ----SHD---- C:\Config.Msi
2015-05-19 20:12:55 ----D---- C:\Program Files\Mozilla Thunderbird
2015-05-14 03:27:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:51:10 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 10:50:29 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 10:50:29 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 10:50:25 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 10:50:11 ----A---- C:\Windows\system32\services.exe
2015-05-13 10:49:37 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 10:49:37 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 10:49:37 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 10:49:37 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-13 10:49:34 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 10:49:33 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 10:49:28 ----A---- C:\Windows\system32\poqexec.exe

======List of files/folders modified in the last 3 months======

2015-07-21 13:46:47 ----D---- C:\Windows\Temp
2015-07-21 13:33:03 ----SHD---- C:\$Recycle.Bin
2015-07-21 13:29:15 ----A---- C:\Windows\system32\log.txt
2015-07-21 13:28:41 ----D---- C:\Windows\System32
2015-07-21 13:28:33 ----D---- C:\Windows\system32\config
2015-07-21 13:28:22 ----D---- C:\Windows\system32\Tasks
2015-07-21 13:26:52 ----RD---- C:\Program Files
2015-07-21 13:26:51 ----SHD---- C:\System Volume Information
2015-07-21 13:26:51 ----D---- C:\Program Files\Common Files
2015-07-21 13:26:50 ----D---- C:\Windows
2015-07-21 13:26:50 ----D---- C:\Program Files\Pismo File Mount Audit Package
2015-07-21 13:26:48 ----HD---- C:\Program Files\InstallShield Installation Information
2015-07-21 13:26:05 ----D---- C:\Windows\system32\catroot
2015-07-21 13:24:04 ----D---- C:\Windows\system32\drivers
2015-07-21 13:23:58 ----D---- C:\Windows\winsxs
2015-07-21 13:21:59 ----HD---- C:\ProgramData
2015-07-21 13:18:43 ----SHD---- C:\Windows\Installer
2015-07-21 13:16:46 ----D---- C:\Program Files\CONEXANT
2015-07-21 13:16:41 ----D---- C:\Program Files\ThinkPad
2015-07-21 13:16:30 ----D---- C:\Windows\system32\DriverStore
2015-07-21 13:16:30 ----D---- C:\Windows\inf
2015-07-21 13:10:37 ----D---- C:\Windows\Panther
2015-07-21 13:10:37 ----D---- C:\Windows\Logs
2015-07-21 13:10:36 ----D---- C:\Windows\debug
2015-07-21 12:13:21 ----A---- C:\Windows\win.ini
2015-07-21 10:57:55 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-21 10:51:27 ----D---- C:\ProgramData\PCDr
2015-07-21 10:33:10 ----RSD---- C:\Windows\assembly
2015-07-21 10:30:54 ----A---- C:\Windows\NISPERM.TXT
2015-07-21 10:21:04 ----D---- C:\Windows\SoftwareDistribution
2015-07-21 09:28:48 ----D---- C:\Program Files\eLiska4
2015-07-21 09:24:39 ----SD---- C:\ProgramData\Microsoft
2015-07-21 09:24:39 ----D---- C:\Program Files\Microsoft
2015-07-20 19:34:17 ----D---- C:\Windows\system32\cs-CZ
2015-07-20 19:34:10 ----SD---- C:\Windows\system32\CompatTel
2015-07-20 19:34:10 ----D---- C:\Windows\system32\wbem
2015-07-20 19:34:10 ----D---- C:\Windows\system32\appraiser
2015-07-20 19:34:10 ----D---- C:\Windows\AppPatch
2015-07-20 19:34:07 ----D---- C:\Windows\PolicyDefinitions
2015-07-20 19:34:06 ----D---- C:\Windows\system32\en-US
2015-07-20 19:34:06 ----D---- C:\Program Files\Internet Explorer
2015-07-20 03:33:54 ----D---- C:\Windows\system32\MRT
2015-07-20 03:31:00 ----D---- C:\ProgramData\Microsoft Help
2015-07-20 03:28:50 ----D---- C:\Windows\Microsoft.NET
2015-07-20 03:25:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-20 03:14:30 ----D---- C:\Program Files\Microsoft.NET
2015-07-20 03:08:11 ----D---- C:\Program Files\Microsoft SQL Server
2015-07-20 03:07:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-07-19 23:53:58 ----D---- C:\Windows\system32\catroot2
2015-07-19 23:38:04 ----SD---- C:\Windows\system32\GWX
2015-07-13 13:59:31 ----D---- C:\Windows\Prefetch
2015-07-11 01:38:52 ----D---- C:\Users\v\AppData\Roaming\vlc
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-06-28 16:11:31 ----D---- C:\Windows\Tasks
2015-06-26 09:01:24 ----D---- C:\Program Files\ModelSS
2015-06-23 13:27:10 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-21 00:50:01 ----D---- C:\Windows\system32\NDF
2015-06-16 22:44:21 ----D---- C:\swshare
2015-06-16 22:29:25 ----D---- C:\Program Files\XTab
2015-06-11 04:16:42 ----D---- C:\Windows\rescache
2015-06-11 03:35:21 ----D---- C:\Program Files\Windows Media Player
2015-06-02 09:00:26 ----D---- C:\Users\v\AppData\Roaming\HpUpdate
2015-05-24 21:36:33 ----D---- C:\ProgramData\HP
2015-05-24 19:10:02 ----SD---- C:\Users\v\AppData\Roaming\Microsoft
2015-05-14 03:46:16 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-14 03:46:12 ----D---- C:\Program Files\Windows Journal
2015-05-14 03:46:02 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-21 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-21 208664]
R0 DozeHDD;DozeHDD; C:\Windows\System32\DRIVERS\DozeHDD.sys [2010-08-24 24304]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-03-03 435736]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-21 95112]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2010-06-16 120432]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2010-06-16 20592]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-21 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-21 788784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-21 433264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2010-08-24 11552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-21 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-21 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-21 113592]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-09-30 13752]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-21 220752]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-05-24 132864]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2010-08-25 486016]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2009-12-10 214696]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
R3 LenovoRd;LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [2009-05-11 88832]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-07-02 33088]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-24 1334448]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 38336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pmxdrv;pmxdrv; \??\C:\Windows\system32\drivers\pmxdrv.sys [2015-01-09 816792]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 RsFx0153;RsFx0153 Driver; C:\Windows\system32\DRIVERS\RsFx0153.sys [2015-03-30 250152]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2011-04-14 124264]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2011-04-14 263528]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-21 146600]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-08-12 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-07-20 866576]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 IHProtect Service;IHProtect Service; C:\Program Files\MiuiTab\ProtectService.exe [2015-06-16 125056]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2011-01-15 41320]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-01-15 65896]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-05-03 325656]
R2 MSSQL$ELISKA4CLIENT;SQL Server (ELISKA4CLIENT); c:\Program Files\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe [2015-03-30 43130032]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-28 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-07-20 477456]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 SSFK;SSFK; C:\Program Files\SFK\SSFK.exe [2015-07-21 459464]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2010-02-11 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-29 1019904]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2008-01-10 61440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-03 2533400]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-21 3218624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2010-08-24 132456]
S3 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-16 149616]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-08-24 75112]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2010-06-16 40048]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-09-30 99768]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SQLAgent$ELISKA4CLIENT;SQL Server Agent (ELISKA4CLIENT); c:\Program Files\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\SQLAGENT.EXE [2015-03-30 381104]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2015-03-30 278704]

-----------------EOF-----------------

Zdravím,

stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21.7.2015
Čas skenování: 19:00
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.21.05
Databáze rootkitů: v2015.07.17.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: v

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 316246
Uplynulý čas: 24 min, 45 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 7
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [3138c3217d0d64d2de8a9278d330f808],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18\SOFTWARE\Mediaplayersversion2.4-nv-ie, , [2b3e8262a5e5da5c7a6cb85b29da21df],
PUP.Optional.ShopUp.A, HKU\S-1-5-18\SOFTWARE\Shoppy-Up.2.7-nv-ie, , [51180cd8bfcbe94d5e9ed647d52ea15f],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [f871727272180c2ab5d594fca163e61a],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-4055966057-4005001248-3146983390-1000\SOFTWARE\Mediaplayersversion2.4-nv-ie, , [79f038ac503a58de05e1080bea1907f9],
PUP.Optional.PCHelper.A, HKU\S-1-5-21-4055966057-4005001248-3146983390-1000\SOFTWARE\PC Helper-nv-ie, , [0861657fcac0d85e375871a14db68779],
PUP.Optional.ShopUp.A, HKU\S-1-5-21-4055966057-4005001248-3146983390-1000\SOFTWARE\Shoppy-Up.2.7-nv-ie, , [a0c9f5efb6d4eb4b12eadf3e20e3ff01],

Hodnoty registru: 1
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_re_120, , [f277558f880200361568b16d4db6af51],

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 3
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin, , [3f2a29bb8a000f2726f6df29b64d55ab],

Soubory: 40
PUP.Optional.CrossRider.A, C:\Users\v\Downloads\112f6.exe, , [1e4ba242137759dd856292eb02ff9769],
PUP.Optional.CrossRider.A, C:\Users\v\Downloads\a95e3.exe, , [4326ac3864262f075d8a9edfa65b1de3],
PUP.Optional.DigitalPlugin.C, C:\Users\v\Downloads\Setup.exe, , [abbeebf9078348eeab34a8d7c938de22],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\config.ini, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\everything.dll, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\everything.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\helper.dll, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\Patch.dll, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SearchBase.db, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SearchBase.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SearchHand.dll, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\ServiceEverything.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SFKEX.dll, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SFKEX.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SFKEX64.dll, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\SFKEX64.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\uninst.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\update.exe, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search\bing.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search\google.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search\search_config.ini, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search\SFK.ini, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search\SFKEX.ini, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\net_search\yahoo.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\bing.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\caret.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\FileListItem.xml, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\FileListItem_bing.xml, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\FileListItem_google.xml, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\frame.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\frame2.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\google.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\guide.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\icon_search.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\mainpanel.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\MainPannel.xml, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\panel_base.xml, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\search_content_list.png, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\WndMask.xml, , [3f2a29bb8a000f2726f6df29b64d55ab],
PUP.Optional.Everything.A, C:\Users\v\AppData\Everything\skin\yahoo.png, , [3f2a29bb8a000f2726f6df29b64d55ab],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

# AdwCleaner v4.208 - Log vytvořen 21/07/2015 v 18:46:18
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x86)
# Uživatelské jméno : v - V-THINK
# Spuštěno z : C:\Users\v\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\975DGP8U\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : IHProtect Service

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\Program Files\globalUpdate
Složka Smazáno : C:\Program Files\predm
Složka Smazáno : C:\Program Files\XTab
Složka Smazáno : C:\Program Files\doctorpclab.com
Složka Smazáno : C:\Program Files\tencent
Složka Smazáno : C:\Program Files\miuitab
Složka Smazáno : C:\Users\v\SupTab
Složka Smazáno : C:\Users\v\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\v\AppData\Roaming\tencent
Složka Smazáno : C:\Users\v\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tencent
Složka Smazáno : C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\g1is0hlt.default\Extensions\faststartff@gmail.com
Složka Smazáno : C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\g1is0hlt.default\Extensions\fftoolbar2014@etech.com
Složka Smazáno : C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\g1is0hlt.default\Extensions\searchengine@gmail.com
Složka Smazáno : C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\g1is0hlt.default\Extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}
Soubor Smazáno : C:\Users\v\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QQPlayer.lnk
Soubor Smazáno : C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\g1is0hlt.default\searchplugins\istartsurf.xml
Soubor Smazáno : C:\Users\v\AppData\Roaming\Mozilla\Firefox\Profiles\g1is0hlt.default\searchplugins\smartbar.xml

***** [ Naplánované úlohy ] *****

Úloha Smazáno : DoctorPC_Popup
Úloha Smazáno : DoctorPC_Start
Úloha Smazáno : LaunchSignup

***** [ Zástupci ] *****

***** [ Registry ] *****

Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchengine@gmail.com]
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKCU\Software\Mozilla\Extends
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9809370D-829B-4564-8978-E57D01CD9AE5}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\TutoTag
Klíč Smazáno : HKCU\Software\V9
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\Description
Klíč Smazáno : HKLM\SOFTWARE\hdcode
Klíč Smazáno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\Tutorials
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\PicexaSvc
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\QQPlayer
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17909

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.defaultenginename", "istartsurf");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.alias", "istartsurf");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.name", "istartsurf");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=14 ... earchTerms}");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "istartsurf");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hppp&ts=142480 ... S2615S2615");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.crossrider.bic", "14bb9ce7056abbcb263c09b011b4fa3e");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.enable_search1", false);
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.admin", false);
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.aflt", "orgnl");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.appId", "{C5E5951A-4ADD-4402-8A8E-EF97DCB9D8EC}");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.autoRvrt", "false");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.dfltLng", "");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.excTlbr", false);
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.id", "721f3679000000000000183da22b479d");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.instlDay", "16490");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.instlRef", "");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.newTab", false);
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.prdct", "smartbar");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.prtnrId", "bechiro");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.rvrt", "false");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.smplGrp", "mm");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.tlbrId", "smartbar");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.tlbrSrchUrl", "hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q=");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsn", "1.8.8.12");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsnTs", "1.8.8.1215:13:19");
[g1is0hlt.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsni", "1.8.8.12");

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [9311 bytů] - [21/07/2015 18:45:25]
AdwCleaner[S0].txt - [8576 bytů] - [21/07/2015 18:46:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8634 bytů] ##########

To co Mbam našel nech vše smazat.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

mbam vše smazal.

ComboFix 15-07-23.01 - v 24.07.2015 20:37:33.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3060.1707 [GMT 2:00]
Spuštěný z: c:\users\v\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Q:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-24 do 2015-07-24 )))))))))))))))))))))))))))))))
.
.
2015-07-24 18:46 . 2015-07-24 18:46 -------- d-----w- c:\users\v\AppData\Local\temp
2015-07-24 17:32 . 2015-07-15 01:33 9252608 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B858588-7A8E-4FB1-BD91-B2FA4860246E}\mpengine.dll
2015-07-21 16:59 . 2015-07-24 17:25 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-21 16:59 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-21 16:59 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-21 16:59 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-21 16:59 . 2015-07-21 16:59 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-07-21 16:59 . 2015-07-21 16:59 -------- d-----w- c:\programdata\Malwarebytes
2015-07-21 16:45 . 2015-07-21 16:46 -------- d-----w- C:\AdwCleaner
2015-07-21 12:22 . 2015-07-21 12:22 -------- d-----w- c:\windows\system32\vbox
2015-07-21 11:25 . 2015-07-21 11:25 -------- d-----w- c:\users\v\AppData\Roaming\AVAST Software
2015-07-21 11:24 . 2015-07-21 11:23 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-21 11:24 . 2015-07-21 11:23 113592 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-21 11:24 . 2015-07-21 11:23 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-21 11:24 . 2015-07-21 11:23 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-21 11:24 . 2015-07-21 11:23 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-21 11:24 . 2015-07-21 11:23 433264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-07-21 11:24 . 2015-07-21 11:23 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-21 11:24 . 2015-07-21 11:23 788784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-21 11:24 . 2015-07-21 11:23 95112 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-07-21 11:23 . 2015-07-21 11:23 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-21 11:23 . 2015-07-21 11:23 43112 ----a-w- c:\windows\avastSS.scr
2015-07-21 11:22 . 2015-07-21 11:22 -------- d-----w- c:\program files\AVAST Software
2015-07-21 11:21 . 2015-07-21 11:21 -------- d-----w- c:\programdata\AVAST Software
2015-07-21 11:05 . 2015-07-21 11:05 -------- d-----w- c:\program files\CCleaner
2015-07-21 10:56 . 2015-07-21 11:46 -------- d-----w- c:\program files\trend micro
2015-07-21 10:56 . 2015-07-21 10:56 -------- d-----w- C:\rsit
2015-07-21 08:33 . 2015-07-21 08:33 -------- d-----w- c:\programdata\Symantec
2015-07-21 08:31 . 2015-07-21 11:26 -------- d-----w- c:\programdata\Norton
2015-07-21 08:14 . 2015-07-21 08:14 459464 ----a-w- c:\program files\SSFK.exe
2015-07-21 07:34 . 2015-07-15 02:55 26624 ----a-w- c:\windows\system32\lpk.dll
2015-07-21 07:34 . 2015-07-15 02:55 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-07-21 07:34 . 2015-07-15 02:55 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-07-21 07:34 . 2015-07-15 02:55 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-07-21 07:34 . 2015-07-15 01:52 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-07-20 01:33 . 2015-07-20 01:33 -------- d-----w- C:\93dec2fdce063c6d67c950b9
2015-07-20 01:25 . 2015-03-29 22:47 83624 ----a-w- c:\windows\system32\perf-MSSQL$ELISKA4CLIENT-sqlctr10.52.4042.0.dll
2015-07-19 23:30 . 2015-07-24 18:48 -------- d-----w- c:\program files\SFK
2015-07-19 21:57 . 2015-06-01 23:47 210432 ----a-w- c:\windows\system32\cewmdm.dll
2015-07-19 21:57 . 2015-06-25 08:46 2383872 ----a-w- c:\windows\system32\win32k.sys
2015-07-19 21:55 . 2015-06-17 17:39 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-07-19 21:54 . 2015-06-19 18:31 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-06-30 07:46 . 2015-06-30 07:46 -------- d-----w- C:\0ee66f0ee239e4a1cd4a4db45a18e6
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-21 08:57 . 2015-01-09 13:43 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-21 08:57 . 2015-01-09 13:43 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-01 20:30 . 2015-07-19 21:56 248832 ----a-w- c:\windows\system32\schannel.dll
2015-06-23 23:29 . 2015-06-23 23:29 1217192 ----a-w- c:\windows\system32\FM20.DLL
2015-06-23 11:27 . 2015-01-08 23:42 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-05-25 18:07 . 2015-06-10 08:42 3989440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 08:42 3934144 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 08:42 1307648 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:01 . 2015-06-10 08:42 853504 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:01 . 2015-06-10 08:42 635392 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:01 . 2015-06-10 08:42 400896 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:01 . 2015-06-10 08:42 43008 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:01 . 2015-06-10 08:42 92160 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-06-10 08:42 38912 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:01 . 2015-06-10 08:42 641536 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:00 . 2015-06-10 08:42 40448 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:00 . 2015-06-10 08:42 364544 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 08:42 69632 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:00 . 2015-06-10 08:42 262656 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:00 . 2015-06-10 08:42 37888 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:00 . 2015-06-10 08:42 82944 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:00 . 2015-06-10 08:42 17408 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 17:55 . 2015-06-10 08:42 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 16:53 . 2015-06-10 08:42 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-21 13:20 . 2015-06-10 08:43 163840 ----a-w- c:\windows\system32\aepic.dll
2015-05-09 03:14 . 2015-06-10 08:42 169984 ----a-w- c:\windows\system32\winsrv.dll
2015-05-09 03:13 . 2015-06-10 08:42 293376 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-09 03:12 . 2015-06-10 08:42 271360 ----a-w- c:\windows\system32\conhost.exe
2015-05-09 03:08 . 2015-06-10 08:42 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-01 13:16 . 2015-05-14 01:27 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:07 . 2015-06-10 08:42 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-04-29 18:07 . 2015-06-10 08:42 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-04-29 18:07 . 2015-06-10 08:42 8192 ----a-w- c:\windows\system32\spwmp.dll
2015-04-29 18:05 . 2015-06-10 08:42 12625408 ----a-w- c:\windows\system32\wmploc.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-21 11:23 692512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2015-03-18 720064]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-24 2221352]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-05-03 112152]
"RotateImage"="c:\program files\Integrated Camera Driver\RCIMGDIR.exe" [2008-10-30 31744]
"TpShocks"="TpShocks.exe" [2010-07-02 337256]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-27 69560]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-15 307768]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-08-24 894312]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-01-14 54632]
"Lenovo Registration"="c:\program files\Lenovo Registration\LenovoReg.exe" [2011-02-09 4309184]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2011-04-14 31592]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"StatusAlerts"="c:\program files\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"HP LaserJet 400 MFP M425 Series Fax"="c:\program files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe" [2014-08-13 2459888]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-21 6109776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
addToTrustedSites.vbs [2013-11-4 434]
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-8-12 795936]
cmssservice.lnk - c:\model\cmssservice\cmssservice.exe [2013-10-10 381440]
runModel.vbs [2013-5-15 130]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-08-24 132456]
R3 HP DS Service;HP DS Service;c:\program files\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-06-19 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2015-01-09 816792]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-08-24 75112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-30 99768]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0153;RsFx0153 Driver;c:\windows\system32\DRIVERS\RsFx0153.sys [2015-03-29 250152]
R4 SQLAgent$ELISKA4CLIENT;SQL Server Agent (ELISKA4CLIENT);c:\program files\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\SQLAGENT.EXE [2015-03-29 381104]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-08-24 24304]
S0 ngvss;ngvss; [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2010-06-16 20592]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-07-21 788784]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-07-21 433264]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-07-21 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-07-21 76000]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-07-21 113592]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2011-01-14 41320]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-01-14 65896]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
S2 MSSQL$ELISKA4CLIENT;SQL Server (ELISKA4CLIENT);c:\program files\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe [2015-03-29 43130032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
S2 SSFK;SSFK;c:\program files\SFK\SSFK.exe [2015-07-21 459464]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-30 13752]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-03 2533400]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-21 220752]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2011-05-23 132864]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-21 3218624]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2009-12-10 214696]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 88832]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 38336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-09 08:57]
.
2015-06-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 22:04]
.
2015-07-24 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 22:04]
.
.
------- Doplňkový sken -------
.
uStart Page = about:Tabs
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: csobpoj.cz
Trusted Zone: csobpoj.cz\app2
Trusted Zone: http://127.0.0.1
Trusted Zone: http://localhost
TCP: DhcpNameServer = 192.168.1.1 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlk.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhost.exe
c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\SFK\SFKEX.exe
c:\program files\eLiska4\eLiska.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-07-24 20:54:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-07-24 18:54
.
Před spuštěním: Volných bajtů: 40 583 532 544
Po spuštění: Volných bajtů: 40 003 248 128
.
- - End Of File - - B178150335821D900B2DC06BCA76B112
4A62ACCD463F9203CF2B2BCF92B1CCED

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::
c:\programdata\Symantec
c:\programdata\Norton

RegLock::  
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

V Knihovně Plánovače úkolů zakaž :

Driver Navigator Scheduled Scan
PCDoctor Background Monitor Task
System Tools Daily Test

Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

IviRegMgr - InterVideo
System Update (SUService)
SSFK - TODO

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.

V CCleaneru na kartě Nástroje vyber Start a zakaž :

HKLM:Run: Lenovo Registration
HKLM:Run: BCSSync
HKLM:Run: HP Software Update
HKCU:Run: Office Sync Process

zapomněl jsem v předchozím příspěvku napsat, že po použití prvního čističe - adwcleaner, je počítač pro laika nepoužitelný - po spuštění a zadání hesla se objeví myš na černém pozadí; je třeba ukončit přes správce úloh explorer a znovu ho spustit.

zakázal jsem spuštění PCDoctor Background Monitor Task a System Tools Daily Test, driver navigator scheduled scan jsem v knihovně plánovači úloh nenašel.

v services.msc všechny tři položky nalezeny, zastaveny a zakázány.

v ccleaneru také vše nalezeno a zakázáno.

ComboFix 15-07-23.01 - v 26.07.2015 20:13:36.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3060.1399 [GMT 2:00]
Spuštěný z: c:\users\v\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\v\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Norton
c:\programdata\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\programdata\Norton\00000082\00000114\000004e8\cltLMS1.dat
c:\programdata\Norton\00000082\00000114\000004e8\cltLMS2.dat
c:\programdata\Symantec
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-26 do 2015-07-26 )))))))))))))))))))))))))))))))
.
.
2015-07-26 18:23 . 2015-07-26 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-24 18:54 . 2015-07-26 18:23 -------- d-----w- c:\users\v\AppData\Local\temp
2015-07-24 18:44 . 2015-07-24 18:44 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B858588-7A8E-4FB1-BD91-B2FA4860246E}\offreg.4192.dll
2015-07-24 17:32 . 2015-07-15 01:33 9252608 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B858588-7A8E-4FB1-BD91-B2FA4860246E}\mpengine.dll
2015-07-21 16:59 . 2015-07-24 17:25 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-21 16:59 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-21 16:59 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-21 16:59 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-21 16:59 . 2015-07-21 16:59 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-07-21 16:59 . 2015-07-21 16:59 -------- d-----w- c:\programdata\Malwarebytes
2015-07-21 16:45 . 2015-07-21 16:46 -------- d-----w- C:\AdwCleaner
2015-07-21 12:22 . 2015-07-21 12:22 -------- d-----w- c:\windows\system32\vbox
2015-07-21 11:25 . 2015-07-21 11:25 -------- d-----w- c:\users\v\AppData\Roaming\AVAST Software
2015-07-21 11:24 . 2015-07-21 11:23 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-21 11:24 . 2015-07-21 11:23 113592 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-21 11:24 . 2015-07-21 11:23 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-21 11:24 . 2015-07-21 11:23 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-21 11:24 . 2015-07-21 11:23 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-21 11:24 . 2015-07-21 11:23 433264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-07-21 11:24 . 2015-07-21 11:23 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-21 11:24 . 2015-07-21 11:23 788784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-21 11:24 . 2015-07-21 11:23 95112 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-07-21 11:23 . 2015-07-21 11:23 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-21 11:23 . 2015-07-21 11:23 43112 ----a-w- c:\windows\avastSS.scr
2015-07-21 11:22 . 2015-07-21 11:22 -------- d-----w- c:\program files\AVAST Software
2015-07-21 11:21 . 2015-07-21 11:21 -------- d-----w- c:\programdata\AVAST Software
2015-07-21 11:05 . 2015-07-21 11:05 -------- d-----w- c:\program files\CCleaner
2015-07-21 10:56 . 2015-07-21 11:46 -------- d-----w- c:\program files\trend micro
2015-07-21 10:56 . 2015-07-21 10:56 -------- d-----w- C:\rsit
2015-07-21 08:14 . 2015-07-21 08:14 459464 ----a-w- c:\program files\SSFK.exe
2015-07-21 07:34 . 2015-07-15 02:55 26624 ----a-w- c:\windows\system32\lpk.dll
2015-07-21 07:34 . 2015-07-15 02:55 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-07-21 07:34 . 2015-07-15 02:55 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-07-21 07:34 . 2015-07-15 02:55 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-07-21 07:34 . 2015-07-15 01:52 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-07-20 01:33 . 2015-07-20 01:33 -------- d-----w- C:\93dec2fdce063c6d67c950b9
2015-07-20 01:25 . 2015-03-29 22:47 83624 ----a-w- c:\windows\system32\perf-MSSQL$ELISKA4CLIENT-sqlctr10.52.4042.0.dll
2015-07-19 23:30 . 2015-07-26 15:51 -------- d-----w- c:\program files\SFK
2015-07-19 21:57 . 2015-06-01 23:47 210432 ----a-w- c:\windows\system32\cewmdm.dll
2015-07-19 21:57 . 2015-06-25 08:46 2383872 ----a-w- c:\windows\system32\win32k.sys
2015-07-19 21:55 . 2015-06-17 17:39 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-07-19 21:54 . 2015-06-19 18:31 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-06-30 07:46 . 2015-06-30 07:46 -------- d-----w- C:\0ee66f0ee239e4a1cd4a4db45a18e6
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-21 08:57 . 2015-01-09 13:43 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-21 08:57 . 2015-01-09 13:43 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-01 20:30 . 2015-07-19 21:56 248832 ----a-w- c:\windows\system32\schannel.dll
2015-06-23 23:29 . 2015-06-23 23:29 1217192 ----a-w- c:\windows\system32\FM20.DLL
2015-06-23 11:27 . 2015-01-08 23:42 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-05-25 18:07 . 2015-06-10 08:42 3989440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 08:42 3934144 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 08:42 1307648 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:01 . 2015-06-10 08:42 853504 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:01 . 2015-06-10 08:42 635392 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:01 . 2015-06-10 08:42 400896 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:01 . 2015-06-10 08:42 43008 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:01 . 2015-06-10 08:42 92160 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-06-10 08:42 38912 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:01 . 2015-06-10 08:42 641536 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:00 . 2015-06-10 08:42 40448 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:00 . 2015-06-10 08:42 364544 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 08:42 69632 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:00 . 2015-06-10 08:42 262656 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:00 . 2015-06-10 08:42 37888 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:00 . 2015-06-10 08:42 82944 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:00 . 2015-06-10 08:42 17408 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 17:55 . 2015-06-10 08:42 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 16:53 . 2015-06-10 08:42 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-21 13:20 . 2015-06-10 08:43 163840 ----a-w- c:\windows\system32\aepic.dll
2015-05-09 03:14 . 2015-06-10 08:42 169984 ----a-w- c:\windows\system32\winsrv.dll
2015-05-09 03:13 . 2015-06-10 08:42 293376 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-09 03:12 . 2015-06-10 08:42 271360 ----a-w- c:\windows\system32\conhost.exe
2015-05-09 03:08 . 2015-06-10 08:42 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:42 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 01:59 . 2015-06-10 08:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-01 13:16 . 2015-05-14 01:27 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:07 . 2015-06-10 08:42 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-04-29 18:07 . 2015-06-10 08:42 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-04-29 18:07 . 2015-06-10 08:42 8192 ----a-w- c:\windows\system32\spwmp.dll
2015-04-29 18:05 . 2015-06-10 08:42 12625408 ----a-w- c:\windows\system32\wmploc.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-21 11:23 692512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2015-03-18 720064]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-24 2221352]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-05-03 112152]
"RotateImage"="c:\program files\Integrated Camera Driver\RCIMGDIR.exe" [2008-10-30 31744]
"TpShocks"="TpShocks.exe" [2010-07-02 337256]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-27 69560]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-15 307768]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-08-24 894312]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-01-14 54632]
"Lenovo Registration"="c:\program files\Lenovo Registration\LenovoReg.exe" [2011-02-09 4309184]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2011-04-14 31592]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"StatusAlerts"="c:\program files\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"HP LaserJet 400 MFP M425 Series Fax"="c:\program files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe" [2014-08-13 2459888]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-21 6109776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
addToTrustedSites.vbs [2013-11-4 434]
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-8-12 795936]
cmssservice.lnk - c:\model\cmssservice\cmssservice.exe [2013-10-10 381440]
runModel.vbs [2013-5-15 130]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-07-21 113592]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-08-24 132456]
R3 HP DS Service;HP DS Service;c:\program files\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-06-19 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2015-01-09 816792]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-08-24 75112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-30 99768]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0153;RsFx0153 Driver;c:\windows\system32\DRIVERS\RsFx0153.sys [2015-03-29 250152]
R4 SQLAgent$ELISKA4CLIENT;SQL Server Agent (ELISKA4CLIENT);c:\program files\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\SQLAGENT.EXE [2015-03-29 381104]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-08-24 24304]
S0 ngvss;ngvss; [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2010-06-16 20592]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-07-21 788784]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-07-21 433264]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-07-21 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-07-21 76000]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2011-01-14 41320]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-01-14 65896]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
S2 MSSQL$ELISKA4CLIENT;SQL Server (ELISKA4CLIENT);c:\program files\eLiska4\MSSQL10_50.ELISKA4CLIENT\MSSQL\Binn\sqlservr.exe [2015-03-29 43130032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
S2 SSFK;SSFK;c:\program files\SFK\SSFK.exe [2015-07-21 459464]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-30 13752]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-03 2533400]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-21 220752]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2011-05-23 132864]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-21 3218624]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2009-12-10 214696]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 88832]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 38336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-09 08:57]
.
2015-06-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 22:04]
.
2015-07-26 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 22:04]
.
.
------- Doplňkový sken -------
.
uStart Page = about:Tabs
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: csobpoj.cz
Trusted Zone: csobpoj.cz\app2
Trusted Zone: http://127.0.0.1
Trusted Zone: http://localhost
TCP: DhcpNameServer = 192.168.1.1 213.46.172.36 213.46.172.37
.
.
Celkový čas: 2015-07-26 20:24:59
ComboFix-quarantined-files.txt 2015-07-26 18:24
ComboFix2.txt 2015-07-24 18:54
.
Před spuštěním: Volných bajtů: 40 423 288 832
Po spuštění: Volných bajtů: 40 146 767 872
.
- - End Of File - - DC1542D2A2686B61D5648243DB4347DD
4A62ACCD463F9203CF2B2BCF92B1CCED

po restartu po provedených změnách už počítač opět nabíhá až na plochu.

bohužel počítač stále není v dobrém stavu. po zapnutí a přihlášení jsem spustil program sledování prostředků. abych zjistil, který program nejvíce vytěžuje disk. nejvíce prostředků vyžadovaly svchost.exe, system, SearchIndexer .exe, SearchFilterHost.exe (v několika chvílích velmi mnoho jeho kopií), SearchprotocolHost.exe, sqlserv.exe, v jednu chvíli se objevilo velmi mnoho kopií programu dw20.exe (což by měl být robot hlásící poruchy systému office - proč se tento program objevil, je mi záhadou).

Disková aktivita nepolevila ani po 15 minutách po naběhnutí plochy a spuštění systému, ani poté, co jsem simuloval činnost (spouštěl jsem IE, Thunderbird a podobně). Po cca 22 minutách od naběhnutí plochy kontrolka využití disku přestala svítit, začala poblikávat, a počítač začal být (relativně) svižnější. Pokud jej ovšem porovnám s počítačem, na kterém píšu tenhle příspěvek (9 let staré lenovo r61 s linuxem mint), je stále beznadějně pomalý.

O&O defrag píše u defragmentace disku estimated time 5 dnů, což přisuzuji vytížení disku běžícími programy v pozadí.

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Co se týče toho vytížení PC, Tebou popisované jsou systémové prostředky anic moc s tím neuděláme vyjma dw20.exe.

Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

Zasílání zpráv o chybách

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.

Pak mi sem dej aktuální log z Rsit, podívám se co tam ještě běží.

provedeno dle pokynů. také jsem vypnul službu indexování souborů, to by mohlo trochu pomoci. po startu počítače je stále po dobu přibližně deset minut disk v plném provozu, což práci s počítačem značně brzdí.

majitel počítače odjíždí do zahraničí, já tudíž nemohu dále počítač čistit a optimalizovat. stav není ideální, ale mnohem lepší než na začátku. děkuji za pomoc a pokyny.

funnyman_ píše:majitel počítače odjíždí do zahraničí, já tudíž nemohu dále počítač čistit a optimalizovat. stav není ideální, ale mnohem lepší než na začátku. děkuji za pomoc a pokyny.

Dobře, nechám to tady ještě odemčené a zkusíme doladit po dovče

VIRY.CZ

preventivní kontrola logu

preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu