VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Počítač se dost zahřívá, asi tam běží něco navíc.

https://forum.viry.cz:443/viewtopic.php?t=137271

Stránka 1 z 1

Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 14:44
od -yp-
Dobrý den, mam problém s Notebookem. Nějak se poslední dobou spomalil a navím se začal podezřele často rozjíždět harddsk. Taky mam podezření, že se mi tam oběvil nějakej hlídkovací program.

Tady je to DDS :

Děkuji předem za případnou pomoc.


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.25.2
Run by -izer at 15:34:24 on 2014-04-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2806.307 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\Windows\System32\AsusService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\System32\WUDFHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\EeePC\CapsHook\CapsHook.exe
C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\DllHost.exe
C:\Program Files\Opera\opera.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Users\-izer\Desktop\dds.exe
C:\Users\-izer\AppData\Local\Temp\nshDF7D.tmp\ns2FDE.tmp
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\-izer\AppData\Local\Temp\nshDF7D.tmp\PEV.DAT
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.searchinweb.info/?pid=1089&r=2014/01/29&hid=11095617174393326465&lg=EN&cc=CZ&unqvl=47
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://websearch.searchinweb.info/?pid=1089&r=2014/01/29&hid=11095617174393326465&lg=EN&cc=CZ&unqvl=47
uURLSearchHooks: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.3.132.0\BingExt.dll
BHO: DEAellExpress: {92406D07-0BEA-6460-127A-98FEA80528CB} - c:\programdata\deaellexpress\r9IaA.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.3.132.0\BingExt.dll
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [NextLive] c:\windows\system32\rundll32.exe "c:\users\-izer\appdata\roaming\newnext.me\nengine.dll",EntryPoint -m l
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SynAsusAcpi] c:\program files\synaptics\syntp\SynAsusAcpi.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [HotkeyMon] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotKeyMon.exe
mRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exe
mRun: [SuperHybridEngine] AsusSender.exe c:\program files\eeepc\she\SuperHybridEngine.exe
mRun: [CapsHook] AsusSender.exe c:\program files\eeepc\capshook\CapsHook.exe
mRun: [GraphicsSwitch] AsusSender.exe c:\program files\asus\graphicsswitch\GPUStatusMonitor.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [iSeriesCharge] c:\program files\asus\usbchargesetting\iSeriesCharge.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe
mRun: [Anti-keylogger] c:\program files\anti-keylogger\Anti-keylogger.exe /autorun
dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\icq7.2\ICQ.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.208.10 192.168.208.131
TCP: Interfaces\{2F891C99-A9A2-4941-BE50-98E542238C14} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{2F891C99-A9A2-4941-BE50-98E542238C14}\0516A616D2235383938373 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{2F891C99-A9A2-4941-BE50-98E542238C14}\350756564674E28363 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{2F891C99-A9A2-4941-BE50-98E542238C14}\4456661657C647 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AE5761BD-C0E2-492E-8048-8E309FF0C0F2} : DHCPNameServer = 192.168.208.10 192.168.208.131
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\windows\system32\nvinit.dll c:\progra~2\assist~1\assist~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\-izer\appdata\roaming\mozilla\firefox\profiles\vr9oczd7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchinweb.info/?pid=1089&r=2014/01/29&hid=11095617174393326465&lg=EN&cc=CZ&unqvl=47&l=1&q=
FF - prefs.js: browser.search.selectedEngine - WebSearch
FF - prefs.js: browser.startup.homepage - hxxps://www.equabanking.cz/IBS/
FF - prefs.js: keyword.URL - hxxp://websearch.searchinweb.info/?pid=1089&r=2014/01/29&hid=11095617174393326465&lg=EN&cc=CZ&unqvl=47&l=1&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\-izer\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiDriver;ASUS Charger Driver;c:\windows\system32\drivers\AiDriver.sys [2011-1-14 13224]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-17 49248]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R0 nvpciflt;nvpciflt;c:\windows\system32\drivers\nvpciflt.sys [2010-9-15 19656]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-9-29 11520]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-4-14 218688]
R1 MpKsl95afcccc;MpKsl95afcccc;c:\programdata\microsoft\microsoft antimalware\definition updates\{f4e24ea7-eb74-48fb-b4b1-d876b3651f4c}\MpKsl95afcccc.sys [2014-4-5 39464]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2010-9-29 219136]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 104264]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.132.0\SeaPort.EXE [2014-3-12 247968]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-9-29 293928]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-9-29 33320]
R3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-8-23 68208]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-1-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-1-22 139648]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.132.0\BBSvc.EXE [2014-3-12 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-17 164736]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-1-17 39272]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-3-13 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-5-28 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-5-28 49664]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-04-05 12:46:09 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4e24ea7-eb74-48fb-b4b1-d876b3651f4c}\offreg.dll
2014-04-05 12:31:57 39464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4e24ea7-eb74-48fb-b4b1-d876b3651f4c}\MpKsl95afcccc.sys
2014-04-05 12:30:58 59904 ----a-w- c:\windows\system32\akl_svc.exe
2014-04-05 12:30:58 360448 ----a-w- c:\windows\system32\drivers\krnl_akl.sys
2014-04-05 04:25:21 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f4e24ea7-eb74-48fb-b4b1-d876b3651f4c}\mpengine.dll
2014-04-04 04:00:28 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-04-03 22:59:54 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9b8b51c7-fec7-4a74-bb9e-1b19f10ceff6}\gapaengine.dll
2014-04-01 14:52:08 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bbf8ed10-3355-4e5e-a495-a29f982de76a}\gapaengine.dll
2014-03-29 21:13:35 -------- d-----w- c:\programdata\Assistant
2014-03-29 03:09:28 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3fe4861c-7514-4dd9-97cb-62807a6ffe7e}\gapaengine.dll
.
==================== Find3M ====================
.
2014-03-12 18:41:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 18:41:27 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-11 08:52:30 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-01 04:11:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-30 01:08:36 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-25 00:19:42 231960 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-18 17:15:18 31232 ----a-w- c:\windows\muninst.exe
2013-05-12 00:43:48 44 ---h--w- c:\program files\967868b0.tmp
.
============= FINISH: 15:44:24,22 ===============


Ještě jednou děkuji.

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 16:31
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 18:24
od -yp-
Zdravím a děkuji.

# AdwCleaner v3.023 - Report created 05/04/2014 at 19:35:24
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : -izer - -IZER-PC
# Running from : C:\Users\-izer\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\grreAtosaver
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Program Files\SNT
Folder Deleted : C:\Program Files\YoutubeAdblocker
Folder Deleted : C:\Program Files\grreAtosaver
Folder Deleted : C:\windows\system32\AI_RecycleBin
Folder Deleted : C:\Users\-izer\AppData\Local\genienext
Folder Deleted : C:\Users\-izer\AppData\Local\Mobogenie
Folder Deleted : C:\Users\-izer\AppData\Local\torch
Folder Deleted : C:\Users\-izer\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\Extensions\9gdgwd@fagqkp.co.uk
Folder Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\Extensions\jhny3j@ec-cji.edu
Folder Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\Extensions\oay2dogg@aioyao-.org
Folder Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\Extensions\u4dcakmd@ieyyohmdxgm.com
Folder Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\Extensions\xcuuy_v@umkb-oouybpj.edu
File Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\searchplugins\bingp.xml
File Deleted : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\searchplugins\WebSearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\and
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchinweb.info/?pid=1089&r=2014/01/29&hid=11095617174393326465&lg=EN&cc=CZ&unqvl=47&l=1&q=");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("extensions.LuKsYVy8FzTs.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Line Deleted : user_pref("extensions.OlLADJ7v.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"su[...]
Line Deleted : user_pref("extensions._Q4s2X8x.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.in[...]
Line Deleted : user_pref("extensions.crossrider.bic", "1410d060925e2408e33015248d1d56f8");
Line Deleted : user_pref("extensions.lAI9E.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumor[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("extensions.zjhJXiM.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.ind[...]
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchinweb.info/?pid=1089&r=2014/01/29&hid=11095617174393326465&lg=EN&cc=CZ&unqvl=47&l=1&q=");

*************************

AdwCleaner[R0].txt - [9136 octets] - [05/04/2014 19:15:14]
AdwCleaner[R1].txt - [9196 octets] - [05/04/2014 19:33:47]
AdwCleaner[S0].txt - [7533 octets] - [05/04/2014 19:35:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7593 octets] ##########

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 19:09
od Rudy
Dejte nový log RSIT.

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 19:35
od -yp-
Je to tu, trochu mu to trvalo.

Předem děkuji za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by -izer at 2014-04-05 20:29:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (32%) free of 102 GB
Total RAM: 2806 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:08, on 5.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\windows\System32\mobsync.exe
C:\Users\-izer\Desktop\RSIT.exe
C:\Program Files\trend micro\-izer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: DEAellExpress - {92406D07-0BEA-6460-127A-98FEA80528CB} - C:\ProgramData\DEAellExpress\r9IaA.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [GraphicsSwitch] AsusSender.exe C:\Program Files\Asus\GraphicsSwitch\GPUStatusMonitor.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [iSeriesCharge] C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Anti-keylogger] C:\Program Files\Anti-keylogger\Anti-keylogger.exe /autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\system32\nvinit.dll c:\progra~2\assist~1\assist~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7924 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\WS-Enabler-S-1404196680.job

=========Mozilla firefox=========

ProfilePath - C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default

prefs.js - "browser.startup.homepage" - "https://www.equabanking.cz/IBS/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92406D07-0BEA-6460-127A-98FEA80528CB}]
DEAellExpress - C:\ProgramData\DEAellExpress\r9IaA.dll [2014-02-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"GraphicsSwitch"=AsusSender.exe C:\Program Files\Asus\GraphicsSwitch\GPUStatusMonitor.exe []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-08-24 9722472]
"iSeriesCharge"=C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [2010-08-18 96176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Anti-keylogger"=C:\Program Files\Anti-keylogger\Anti-keylogger.exe /autorun []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\windows\AsScrPro.exe [2010-09-29 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-06-10 414384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeSplendidAgent]
C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-10-25 173592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-10-25 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE]
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBESetup]
C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [2009-12-11 334848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-10-25 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [2013-05-01 543]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables]
C:\Program Files\syncables\syncables desktop\Syncables.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UfSeAgnt.exe]
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-05-21 828704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\windows\system32\nvinit.dll c:\progra~2\assist~1\assist~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-10-25 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"VIDC.CFHD"=cfhd.dll
"VIDC.IV41"=IR41_32.AX

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-05 20:29:55 ----D---- C:\Program Files\trend micro
2014-04-05 20:29:54 ----D---- C:\rsit
2014-04-05 19:15:05 ----D---- C:\AdwCleaner
2014-04-05 14:30:58 ----A---- C:\windows\system32\drivers\krnl_akl.sys
2014-04-05 14:30:58 ----A---- C:\windows\system32\akl_svc.exe
2014-03-29 23:13:35 ----D---- C:\ProgramData\Assistant
2014-03-19 22:56:15 ----D---- C:\Program Files\Google
2014-03-13 01:48:54 ----A---- C:\windows\system32\qedit.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\jsproxy.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\iernonce.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\ieetwcollector.exe
2014-03-13 01:48:52 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 01:48:52 ----A---- C:\windows\system32\jscript9diag.dll
2014-03-13 01:48:52 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-03-13 01:48:51 ----A---- C:\windows\system32\ieapfltr.dll
2014-03-13 01:48:50 ----A---- C:\windows\system32\wininet.dll
2014-03-13 01:48:48 ----A---- C:\windows\system32\ieui.dll
2014-03-13 01:48:47 ----A---- C:\windows\system32\ieUnatt.exe
2014-03-13 01:48:46 ----A---- C:\windows\system32\iertutil.dll
2014-03-13 01:48:44 ----A---- C:\windows\system32\jscript9.dll
2014-03-13 01:48:42 ----A---- C:\windows\system32\mshtml.dll
2014-03-13 01:48:40 ----A---- C:\windows\system32\urlmon.dll
2014-03-13 01:48:38 ----A---- C:\windows\system32\msfeeds.dll
2014-03-13 01:48:36 ----A---- C:\windows\system32\msrating.dll
2014-03-13 01:48:35 ----A---- C:\windows\system32\iesetup.dll
2014-03-13 01:48:35 ----A---- C:\windows\system32\ie4uinit.exe
2014-03-13 01:48:34 ----A---- C:\windows\system32\ieframe.dll
2014-03-13 01:48:23 ----A---- C:\windows\system32\wwansvc.dll
2014-03-13 01:48:20 ----A---- C:\windows\system32\win32k.sys
2014-03-13 01:48:19 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-03-13 01:48:18 ----A---- C:\windows\system32\wer.dll

======List of files/folders modified in the last 1 month======

2014-04-05 20:30:07 ----D---- C:\windows\Prefetch
2014-04-05 20:29:55 ----RD---- C:\Program Files
2014-04-05 19:47:07 ----D---- C:\windows\system32\config
2014-04-05 19:46:55 ----D---- C:\windows\Temp
2014-04-05 19:41:04 ----D---- C:\windows\System32
2014-04-05 19:41:04 ----D---- C:\windows\inf
2014-04-05 19:41:04 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-04-05 19:35:56 ----D---- C:\windows\tracing
2014-04-05 19:35:26 ----HD---- C:\ProgramData
2014-04-05 19:15:21 ----D---- C:\ProgramData\97db70cb2d78aa8c
2014-04-05 18:22:17 ----SHD---- C:\windows\Installer
2014-04-05 18:22:16 ----D---- C:\ProgramData\Microsoft Help
2014-04-05 15:20:32 ----D---- C:\Users\-izer\AppData\Roaming\vlc
2014-04-05 15:19:10 ----D---- C:\windows\system32\Tasks
2014-04-05 15:19:09 ----D---- C:\windows\Tasks
2014-04-05 15:17:39 ----D---- C:\windows\system32\catroot2
2014-04-05 15:17:37 ----SHD---- C:\System Volume Information
2014-04-05 15:09:12 ----D---- C:\windows\winsxs
2014-04-05 15:05:25 ----D---- C:\windows\system32\catroot
2014-04-05 14:30:59 ----AD---- C:\windows\system32\drivers
2014-04-03 18:29:38 ----D---- C:\Users\-izer\AppData\Roaming\Skype
2014-04-01 07:21:29 ----D---- C:\windows\system32\NDF
2014-03-29 23:13:34 ----D---- C:\Program Files\WS-Enabler
2014-03-29 18:10:29 ----D---- C:\Windows
2014-03-29 18:10:25 ----D---- C:\Program Files\Microsoft Security Client
2014-03-29 16:54:34 ----D---- C:\Users\-izer\AppData\Roaming\BSplayer
2014-03-29 11:49:51 ----D---- C:\Program Files\Google SketchUp 8
2014-03-29 10:13:49 ----D---- C:\windows\system32\drivers\etc
2014-03-28 03:06:24 ----D---- C:\windows\system32\wfp
2014-03-28 03:06:24 ----D---- C:\windows\system32\DriverStore
2014-03-28 03:06:24 ----D---- C:\windows\system32\drivers\UMDF
2014-03-28 03:06:23 ----D---- C:\windows\system32\wbem
2014-03-28 03:06:22 ----D---- C:\windows\AppCompat
2014-03-28 03:06:13 ----D---- C:\windows\registration
2014-03-28 03:00:11 ----D---- C:\windows\system32\LogFiles
2014-03-19 06:12:41 ----D---- C:\windows\system32\MRT
2014-03-19 06:06:54 ----A---- C:\windows\system32\MRT.exe
2014-03-13 04:21:40 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 04:20:41 ----D---- C:\Program Files\Internet Explorer
2014-03-12 20:41:27 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-03-06 21:39:21 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiDriver;ASUS Charger Driver; C:\windows\system32\DRIVERS\AiDriver.sys [2010-05-20 13224]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2010-08-04 19656]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-03-30 431672]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-14 218688]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-05-08 2710592]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-05-21 293928]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-05-21 88104]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-05-21 111144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 33320]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-05-21 18728]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-08-24 3178472]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-07-29 68208]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2011-03-13 47360]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a35j2fsg;a35j2fsg; C:\windows\system32\drivers\a35j2fsg.sys []
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;Android USB Driver; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-05-21 652576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-07-30 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2011-03-19 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 699fd52f;Assistant; c:\progra~2\assist~1\AssistantSvc.dll [2014-04-01 177488]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-20 118896]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 20:09
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files\Microsoft\BingBar
C:\ProgramData\DEAellExpress
C:\windows\AutoKMS.exe
C:\windows\inf\ntvdm.vbe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92406D07-0BEA-6460-127A-98FEA80528CB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:services
BBUpdate
BBSvc
699fd52f

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 20:44
od -yp-
Je to tady :

Logfile of random's system information tool 1.09 (written by random/random)
Run by -izer at 2014-04-05 21:50:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (32%) free of 102 GB
Total RAM: 2806 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:22, on 5.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\windows\system32\Dwm.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\windows\System32\mobsync.exe
C:\Users\-izer\Desktop\RSIT.exe
C:\Program Files\trend micro\-izer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [GraphicsSwitch] AsusSender.exe C:\Program Files\Asus\GraphicsSwitch\GPUStatusMonitor.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [iSeriesCharge] C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Anti-keylogger] C:\Program Files\Anti-keylogger\Anti-keylogger.exe /autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\system32\nvinit.dll c:\progra~2\assist~1\assist~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7600 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\WS-Enabler-S-1404196680.job

=========Mozilla firefox=========

ProfilePath - C:\Users\-izer\AppData\Roaming\Mozilla\Firefox\Profiles\vr9oczd7.default

prefs.js - "browser.startup.homepage" - "https://www.equabanking.cz/IBS/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"GraphicsSwitch"=AsusSender.exe C:\Program Files\Asus\GraphicsSwitch\GPUStatusMonitor.exe []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-08-24 9722472]
"iSeriesCharge"=C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [2010-08-18 96176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Anti-keylogger"=C:\Program Files\Anti-keylogger\Anti-keylogger.exe /autorun []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\windows\AsScrPro.exe [2010-09-29 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-06-10 414384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeSplendidAgent]
C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-10-25 173592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-10-25 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE]
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBESetup]
C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [2009-12-11 334848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-10-25 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [2013-05-01 543]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables]
C:\Program Files\syncables\syncables desktop\Syncables.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UfSeAgnt.exe]
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-05-21 828704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\windows\system32\nvinit.dll c:\progra~2\assist~1\assist~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-10-25 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"VIDC.CFHD"=cfhd.dll
"VIDC.IV41"=IR41_32.AX

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-05 21:33:12 ----D---- C:\_OTM
2014-04-05 20:29:55 ----D---- C:\Program Files\trend micro
2014-04-05 20:29:54 ----D---- C:\rsit
2014-04-05 19:15:05 ----D---- C:\AdwCleaner
2014-04-05 14:30:58 ----A---- C:\windows\system32\drivers\krnl_akl.sys
2014-04-05 14:30:58 ----A---- C:\windows\system32\akl_svc.exe
2014-03-29 23:13:35 ----D---- C:\ProgramData\Assistant
2014-03-19 22:56:15 ----D---- C:\Program Files\Google
2014-03-13 01:48:54 ----A---- C:\windows\system32\qedit.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\jsproxy.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\iernonce.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-03-13 01:48:53 ----A---- C:\windows\system32\ieetwcollector.exe
2014-03-13 01:48:52 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 01:48:52 ----A---- C:\windows\system32\jscript9diag.dll
2014-03-13 01:48:52 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-03-13 01:48:51 ----A---- C:\windows\system32\ieapfltr.dll
2014-03-13 01:48:50 ----A---- C:\windows\system32\wininet.dll
2014-03-13 01:48:48 ----A---- C:\windows\system32\ieui.dll
2014-03-13 01:48:47 ----A---- C:\windows\system32\ieUnatt.exe
2014-03-13 01:48:46 ----A---- C:\windows\system32\iertutil.dll
2014-03-13 01:48:44 ----A---- C:\windows\system32\jscript9.dll
2014-03-13 01:48:42 ----A---- C:\windows\system32\mshtml.dll
2014-03-13 01:48:40 ----A---- C:\windows\system32\urlmon.dll
2014-03-13 01:48:38 ----A---- C:\windows\system32\msfeeds.dll
2014-03-13 01:48:36 ----A---- C:\windows\system32\msrating.dll
2014-03-13 01:48:35 ----A---- C:\windows\system32\iesetup.dll
2014-03-13 01:48:35 ----A---- C:\windows\system32\ie4uinit.exe
2014-03-13 01:48:34 ----A---- C:\windows\system32\ieframe.dll
2014-03-13 01:48:23 ----A---- C:\windows\system32\wwansvc.dll
2014-03-13 01:48:20 ----A---- C:\windows\system32\win32k.sys
2014-03-13 01:48:19 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-03-13 01:48:18 ----A---- C:\windows\system32\wer.dll

======List of files/folders modified in the last 1 month======

2014-04-05 21:48:25 ----D---- C:\windows\System32
2014-04-05 21:48:25 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-04-05 21:48:24 ----D---- C:\windows\inf
2014-04-05 21:44:54 ----D---- C:\windows\Temp
2014-04-05 21:44:08 ----D---- C:\windows\system32\config
2014-04-05 21:43:01 ----D---- C:\windows\Prefetch
2014-04-05 21:42:47 ----D---- C:\Windows
2014-04-05 21:35:18 ----HD---- C:\ProgramData
2014-04-05 21:35:01 ----D---- C:\Program Files\Microsoft
2014-04-05 21:33:15 ----D---- C:\windows\tracing
2014-04-05 20:29:55 ----RD---- C:\Program Files
2014-04-05 19:15:21 ----D---- C:\ProgramData\97db70cb2d78aa8c
2014-04-05 18:22:17 ----SHD---- C:\windows\Installer
2014-04-05 18:22:16 ----D---- C:\ProgramData\Microsoft Help
2014-04-05 15:20:32 ----D---- C:\Users\-izer\AppData\Roaming\vlc
2014-04-05 15:19:10 ----D---- C:\windows\system32\Tasks
2014-04-05 15:19:09 ----D---- C:\windows\Tasks
2014-04-05 15:17:39 ----D---- C:\windows\system32\catroot2
2014-04-05 15:17:37 ----SHD---- C:\System Volume Information
2014-04-05 15:09:12 ----D---- C:\windows\winsxs
2014-04-05 15:05:25 ----D---- C:\windows\system32\catroot
2014-04-05 14:30:59 ----AD---- C:\windows\system32\drivers
2014-04-03 18:29:38 ----D---- C:\Users\-izer\AppData\Roaming\Skype
2014-04-01 07:21:29 ----D---- C:\windows\system32\NDF
2014-03-29 23:13:34 ----D---- C:\Program Files\WS-Enabler
2014-03-29 18:10:25 ----D---- C:\Program Files\Microsoft Security Client
2014-03-29 16:54:34 ----D---- C:\Users\-izer\AppData\Roaming\BSplayer
2014-03-29 11:49:51 ----D---- C:\Program Files\Google SketchUp 8
2014-03-29 10:13:49 ----D---- C:\windows\system32\drivers\etc
2014-03-28 03:06:24 ----D---- C:\windows\system32\wfp
2014-03-28 03:06:24 ----D---- C:\windows\system32\DriverStore
2014-03-28 03:06:24 ----D---- C:\windows\system32\drivers\UMDF
2014-03-28 03:06:23 ----D---- C:\windows\system32\wbem
2014-03-28 03:06:22 ----D---- C:\windows\AppCompat
2014-03-28 03:06:13 ----D---- C:\windows\registration
2014-03-28 03:00:11 ----D---- C:\windows\system32\LogFiles
2014-03-19 06:12:41 ----D---- C:\windows\system32\MRT
2014-03-19 06:06:54 ----A---- C:\windows\system32\MRT.exe
2014-03-13 04:21:40 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 04:20:41 ----D---- C:\Program Files\Internet Explorer
2014-03-12 20:41:27 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-03-06 21:39:21 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiDriver;ASUS Charger Driver; C:\windows\system32\DRIVERS\AiDriver.sys [2010-05-20 13224]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2010-08-04 19656]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-03-30 431672]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-14 218688]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-05-08 2710592]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-05-21 293928]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-05-21 88104]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-05-21 111144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 33320]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-05-21 18728]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-08-24 3178472]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-07-29 68208]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2011-03-13 47360]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 afg4gvuy;afg4gvuy; C:\windows\system32\drivers\afg4gvuy.sys []
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;Android USB Driver; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-05-21 652576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-07-30 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2011-03-19 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-20 118896]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 21:16
od Rudy
Dvouklikem na soubor C:\Program Files\trend micro\-izer.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
R3 - URLSearchHook: (no name) - - (no file)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 05 dub 2014 21:41
od -yp-
Děkuji vám moc, co tam prosim Vás bylo? Že se to muselo takhle šíleně odbourávat?

Ještě jednou děkuji -izi-

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 06 dub 2014 06:59
od -yp-
Zahlídl jsem totiž mezi logy něco ohledně firefoxu, přes který se připojuji na banku. Ovšem samo s sebou kulový tomu rozumim a tak jen spekuluju, co že to mohlo bejt.

Toto se mi vůbec nelíbí, že nejsem ve vobraze. Počkám a až budu mít dostatečnej "rank" pokusím se zařadit mezi "nováčky". Nesnesu pocit, že se mi v pc děje něco, co nejsem schopnej určit. :roll:


Ještě jednou dík.

Re: Počítač se dost zahřívá, asi tam běží něco navíc.

Napsal: 06 dub 2014 10:17
od Rudy
Byl tam rootkit. Kromě něj už jen AdWary a zbytečnosti. Vše by mělo být pryč.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz